Archive for the ‘Classification’ Category

What is the True Cost of a Data Breach?

Wednesday, May 14th, 2014

This week, TITUS released an infographic that contains some sobering figures about the true cost of a data security breach. While lost data can mean lost intellectual property (which is hard to place an accurate value on), it most certainly would include fines, expensive customer communications, lawsuits, and an evaluation of technology and/or policy.  All totaled, the Ponemon Institute’s 2014 Cost of a Data Breach Study pegs the cost of a lost record in the US at $195 per record – up from $188 in 2013.
(more…)

Easily Transition from UK GPMS to GSC

Thursday, April 3rd, 2014

Effective April 2, 2014, the new UK Government Security Classifications (GSC) policy replaces the previous Government Protective Marking Scheme (GPMS). The new policy requires the classification of Her Majesty’s Government (HMG) information assets into one of three types: OFFICIAL, SECRET, and TOP SECRET. This classification scheme, simplified from the previous GPMS seven-level classification scheme, will help ensure that government staff, contractors, and service providers can more easily safeguard information.
(more…)

Security is a Business Imperative, Not an IT Task

Thursday, November 21st, 2013

I’ve noticed a distinct theme throughout a number of different analyst report I’ve recently read  –  that the protection of information and data assets is a business task which needs guidance from the business unit leaders. Take as an example…

As executives see more and more media coverage of data breaches and security incidents, the inevitable question is: “What are we doing to make sure that doesn’t happen to us?”

Contrary to 2012 when privacy responsibility was shifting to an organization-wide accountability, in 2013 it’s falling more onto the security group within enterprises. [It’s] a matter of concern if more and more enterprises deem the security group fully responsible for privacy and regulations. Ensuring privacy requires a union of technology, policy, and culture, and a harmony between many business units from security to legal to HR to employees.

–          Understand the State of Data Security and Privacy: 2013 to 2014 (Forrester)

(more…)