A new report from Verizon Business shows that following industry security standards can dramatically reduce such incidents. In a first-of-its-kind “Verizon Payment Card Industry Compliance Report,” the company examined compliance with the Payment Card Industry Data Security Standard (PCI DSS), which was created in 2006 to protect cardholder data and reduce credit card fraud. Company…
Category: Commentaries and Analyses
One way to avoid lawsuits over risk of future harm?
I recently posed the question about when three years of credit monitoring might not be enough. As it turns out, deciding what to offer those affected by a breach may be a bit easier in light of a new offering from Debix called AfterCare™. Although I generally avoid blogging about commercial products, the timing of this…
Article: Data Protection and Data Security Issues Related to Cloud Computing in the EU
Lawyer Paolo Balboni of the European Privacy Association, Italian Institute for Privacy, and Tilburg University has an article that has been made available on SSRN. Here’s the abstract: We are in the midst of a revolution within computing. It goes under the name of cloud computing. Analysts estimate that in 2012, the size of the…
States unable to protect citizens’ personal, health data from cyberthieves
Byron Acohido writes: This should come as no surprise. State government agencies aren’t devoting nearly enough resources to protect citizens’ sensitive data from hackers and data thieves. Some 49 out of 50 states report that a lack of budget is crippling efforts to manage cybersecurity effectively. One state chose not to participate. That’s the upshot…
ICO confirms imminent data breach fines
Dan Worth reports: The Information Commissioner’s Office (ICO) has confirmed that it is in the process of imposing fines against organisations that have breached the Data Protection Act. Deputy information commissioner David Smith told V3.co.uk at an Internet Society event in London that the regulator hopes that the fines will make a significant statement about…
When is three years of free credit monitoring still not enough?
How quickly times change. It seems like only a few years ago that we thought it newsworthy that a breached entity would offer a year of free credit monitoring. Then it became newsworthy when they offered two years. Then it became newsworthy when they didn’t offer any free services. Now some retirees in Delaware are…