Eskenzi PR ad banner Eskenzi PR ad banner
  • About Us
Wednesday, 22 March, 2023
IT Security Guru
Eskenzi PR banner
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

Data breaches remain fault of people, not technology

by The Gurus
December 5, 2014
in Editor's News
Share on FacebookShare on Twitter

A quarter of reported data breaches were caused by accidental loss or destruction of personal data.
 
According to a Freedom of Information Act request, an examination of incidents in the first three months of 2014 found one-quarter of reported data breaches were caused by the accidental loss or destruction of personal data, up 15 per cent for the second half of 2013.
 
Of these, between April and June 2013 and the same period for 2014, 43 per cent involved confidential information being disclosed in error, primarily through emailing, faxing or posting data to an incorrect recipient. Only seven per cent of breaches for the period occurred as a result of technical failings; the remaining 93 per cent were down to human error, poor processes and systems in place, and lack of care when handling data.
 
The FOIA request found that, to date, no fines have been levied due to technical failings exposing confidential data, whereas a total £5.1m has been issued for mistakes made when handling sensitive information.
 
Since the possibility to fine for significant data loss was given to the Information Commissioner in 2010, the total number of fines issued is in excess of £6.7 million.
 
£600,000 of this total has the specified cause of information being emailed to the incorrect recipient, £320,000 attributed to using the wrong fax number and £170,000 for postal address inaccuracies. Add to this the penalties for unspecified disclosure to the wrong recipient, loss of unencrypted endpoint devices and accidental uploads of sensitive information to publicly available websites, and the figure is in excess of £3.7m. The final £310,000 is accounted for by paperwork left in decommissioned buildings, on public transport or in the street.
 
Tony Pepper, CEO of Egress Software Technologies, who made the request, said that people making mistakes will never be completely prevented, but it was clear that safeguards were urgently needed.
 
“Confusion can often put confidential data at risk, with users unsure of when and how to encrypt,” he said. “Similarly, a continued reliance on fax and post demonstrates a disturbing lack of care and control taken to sensitive information.
 
“What these statistics demonstrate is that training alone is not the answer. Solutions that are easy to use yet offer comprehensive protection and control have been developed to mitigate the risk of a data breach, so it is mystifying why organisations are not implementing them to reduce their liability.”
 
He also claimed that of the £6.7 million in fines, it was alarming to see that well over half (£4.5 million) is coming from the public sector alone. “Not only are these organisations and bodies responsible for handling citizens’ data, their malpractice is being paid for by the public pocket,” he said.

FacebookTweetLinkedIn
Tags: ComplianceData ProtectionFineICORegulation
ShareTweetShare
Previous Post

ISO27001 – still the st andard to reach

Next Post

Sony Pictures kept passwords in a file directory – industry views

Recent News

security

What Is Observability, And Why Is It Crucial To Your Business?

March 21, 2023
Organisational Cybersecurity.jpg

How Emerging Trends in Virtual Reality Impact Cybersecurity

March 21, 2023
Nominations are Open for 2023’s European Cybersecurity Blogger Awards

Nominations are Open for 2023’s European Cybersecurity Blogger Awards

March 20, 2023
TikTok to be banned from UK Government Phones

TikTok to be banned from UK Government Phones

March 17, 2023

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

Privacy settings

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Powered by Cookie Information