Archive for April, 2017
On 19 April 2017, the UK Government’s Department for Culture, Media and Sport (DCMS) published a report on cybersecurity breaches and how they affected UK companies in the last year. Headline statistics from the report include:
- 61% of businesses hold personal data electronically;
- 46% of all UK businesses identified at least one cybersecurity breach in the past year, rising to 51% of those that hold personal data on customers, 66% amongst medium-sized firms and 68% amongst large firms;
From: Naked Security
The UK is about to go into general election mode unexpectedly, so it’s a funny time for its government to be issuing its Cyber Security Breaches Report 2017, which acknowledges that at least 2.5m cyberhacks have happened over the past 12 months.
The report found that just under half of UK businesses (46%) have now gone through some sort of cyber attack, often as a result of malware sent in attachments or clicks through to dodgy sites. What’s more, fewer than a third of UK businesses have a board member specifically tasked with cyber security and a “significant proportion” (the closest the government has disclosed to an actual figure) do not have the basic protections in place.
From: NATO Cooperative Cyber Defence Centre of Excellence
Industry partners in the exercise include Siemens AG, Threod Systems, Cyber Test Systems, Clarified Security, Iptron, Bytelife, BHC Laboratory, openvpn.net, GuardTime and numerous others.
The NATO Cooperative Cyber Defence Centre of Excellence (NATO CCD COE) is a community of nations providing a 360-degree look at cyber defence, with expertise in the areas of technology, strategy, operations and law. The Tallinn-based international military organisation focuses on interdisciplinary applied research, consultations, training and exercises in the field of cyber security. The heart of the NATO Cooperative Cyber Defence Centre of Excellence is a diverse group of international experts from military, government and industry backgrounds. . . .
From: Washington Examiner
Congressional committees continue to lock horns over who has jurisdiction over cybersecurity, a recurring problem and frustration for lawmakers trying to deal in this policy space.
Congress is in the middle of a two-week recess, but during the last legislative session, the House Science Committee passed a bill directing the National Institute of Standards and Technology to audit other agencies’ cyber practices.
Foreign companies with business operations in China will be required to apply for permission to transfer data out of the country under draft rules released Tuesday.
It is the government’s latest move to tighten regulation of digital information, the Wall Street Journal reports.
What MROs need to know about the New EU General Data Protection Regulation
Data privacy regularly hits the headlines these days, and the incoming EU General Data Protection Regulation (GDPR), the most significant overhaul of EU data protection law in recent years, will ensure that this remains the case.
Despite the significant changes being introduced and the fact that the GDPR is set to become law in May 2018, however, a recent report suggests that few businesses have actually begun to take action to comply with the new law.
Providers are unlikely to see any major changes to Health Insurance Portability and Accountability Act audits under the Department of Health and Human Services’ new civil rights director, some experts predicted last week.
Roger Severino, who was recently installed as the director of HHS’ Office of Civil Rights, is expected to keep up the agency’s current level of HIPAA audits, Eric Fader, an attorney for Day Pitney LLP, told Bloomberg BNA.