Cibecs and IDG launch the 2012 Data Loss Survey

By Natasha | April 13, 2012 @ 2:41 pm

Cibecs and IDG launch the 2012 Data Loss Survey to Gather insight around Business Data Protection

Get the 2012 Results, complete the Survey

Every year Cibecs runs the Business Data Loss Survey, uncovering the major IT challenges around data protection, and providing industry insight. Last year’s survey results were read by over 50 000 IT Professionals.

Another Cyber Security Attack – Another 1.5m people affected.

By Brandon | April 2, 2012 @ 4:00 pm

US Cyber Security Attack impacts 1.5 million credit card users

First exposed by leading data security blog, KrebsonSecurity, this data breach at Atlanta-based Global Payments (a credit and debit card processor) is currently believed to be confined to North-America account holders.

Gidani and it’s R400 million (per year) data breach faux pas.

By Brandon | March 26, 2012 @ 10:19 am

How data breach nearly cost Lotteries operator its license to trade

Gidani (licensed operator of the South Africa national lottery) recently came perilously close to losing its R400 million a year contract.

The reason for this near-miss was its failure to secure its business critical data (a requirement of their contract with the National Lotteries Board) – with two independent audits questioning existing measures to protect confidential data.

The much publicized data breach that led to fraudulent activity at Gidani, of course, played a crucial part in highlighting the failings of the technology and processes in place at the operator.

The Global Cyber Security headache.

By Brandon | March 19, 2012 @ 11:35 am

Healthcare CIOs and CSOs must improve security.

According to Wikipedia “there were 380 major data breaches in the United States in 2011, involving 500 or more patients’ records listed on the website kept by the United States Department of Health and Human Services (HHS) Office for Civil Rights.

So far there have been 18,059,831 “individuals affected,” and even that massive number is an under-count of the breach problem.”

SA State Intelligence Data under Attack

By Natasha | March 15, 2012 @ 1:35 pm

South African State Intelligence Data: Stolen due to Ineffective Data Protection

The recent theft of laptops and desktops from the South African State Security Agency’s top offices – including the theft of intelligence Minister, Siyabong Cwele’s, laptop containing extremely sensitive information, has created massive public concern around the agency’s data protection practices.

The burglary happened a few weeks ago in Pretoria, when the Bogare building in Menlyn (which houses top State Security Agency offices) was infiltrated, resulting in the theft of confidential data.

Intelligence spokesperson, Brian Dube, confirmed the break-in, stating that the Security Agency and police were investigating the incident and that the Agency would prefer not to speculate on the motive(s) behind the crime. He refused to disclose further details at the time.

Over $17 Million: The cost of Data Loss and HIPAA Violation for Blue Cross Blue Shield

By Natasha | March 15, 2012 @ 1:26 pm

HIPAA Violation and Data Loss results in $1.5M Fine for Blue Cross Blue Shield – and Massive Related Costs

The recent penalty on BlueCross BlueShield of $1.5 million to the federal government is a harsh warning to the Healthcare and Insurance industries to ensure effective data protection.

The Real Costs and Penalties of HIPAA Non-Compliance

 
The fine however is not the only expense of this Data Loss incident. Since the data was lost in 2009, the company has spent around $17 million in costs on investigation, analysis, notification and improved data protection efforts. This is a sure indication of the costs of HIPAA non-compliance, and how the associated costs of data loss are severe.

The data loss, investigated by the U.S. Department of Health and Human Services Office for Civil Rights, which said the company “failed to implement appropriate administrative safeguards to adequately protect information” at the facility and did not have adequate facility access controls. Both failures violated requirements of the Health Insurance Portability and Accountability Act.

Blue Cross Blue Shield has now agreed to a 450-day corrective action plan to assess and address weaknesses in its HIPAA compliance program, HHS said.

Download our White Paper: HIPAA Compliance through Effective Data Protection

The penalty is a result of potential violations of patient information rules that resulted from the theft of 57 hard drives from the Blue Cross Blue Shield. The hard drives contained protected health information of over one million customers. This personal information included Full Names, Date of Birth, Social Security number, diagnosis codes and health plan identification numbers.

“This settlement sends an important message that OCR expects health plans and health care providers to have in place a carefully designed, delivered and monitored HIPAA compliance program,” said OCR Director Leon Rodriguez.

BlueCross will also have to review, revise and maintain its privacy and security policies and procedures.

Ensure Effective Data Protection Download our 30 Day Free Trial

Corporate Governance Compliance Checklist – Data Protection

By Natasha | February 14, 2012 @ 12:54 pm

Data Protection & Compliance Checklist for Business IT

Compliance & Legalities around Data Protection for Businesses

Corporate Governance Compliance and the requirements around Data Protection have become increasingly important to businesses globally due to the consequences of being non-compliant, as well as the often devastating results of data loss, data theft or unauthorized access to confidential files.

Often data protection and effective data management is interpreted as an insurance policy, however, as enterprises become aware of the multiple productivity and cost-savings benefits of employing an effective data protection solution- this perception is shifting.

Data loss in organizations is also becoming an increasingly prevalent problem, with over 50% of companies losing data in 2011.

2011 Data Loss Statistics

Data protection and Corporate Governance Acts and Requirements can be long and difficult to digest and complicated to drill down to actionable items, and to see immediate business benefits. However, without securing & protecting your company data and – the personal and organizational consequences can be detrimental.

There are certain requirements & guidelines that all companies must follow:

Save on IT Support Costs

By Natasha | January 29, 2012 @ 9:53 am

Case Study: IDC Lets us know we can cut down on IT support costs

When it comes to cutting costs and, especially, IT resource spend – a measured, surgical approach that seeks to maximize output and streamline processes will stand any organization in far better stead than, say, cutting costs across the board just for the sake of it.

Efficiency is key and, what’s more, when the tide turns it will be the company that worked smartly that will be best positioned to expand, as leaner and meaner systems (cultivated in these times) are able to support exponential growth.

IDC points out three key areas where you can cut on IT Support Costs
In these recessionary times, the IDC believes that Enterprise IT organizations need to investigate several aspects of their operations that represent areas of immediate possible cost saving. The three areas are:

Improved Govt IT systems = improved service delivery

By Brandon | January 24, 2012 @ 1:26 pm

The latest auditor-general report (on National Audit Outcomes) cited the lack of adequate IT systems across government as a key obstacle to service delivery.

Failings highlighted include:

In short, the auditor-general (AG) found that practically none of South Africa’s national government departments and public sector entities have sufficient IT systems in place.