Regularly Updated Global News on Compliance and Privacy
We bring you news, views, and announcements from around the world. This is Globally Syndicated News, as it happens. News on this page changes as organisations whose news feeds and tickers we subscribe to publish their own new items.
We have several newsfeed pages based around feeds that are aggregates for specific topics:
- Cyber crime touches new high
The COVID-19 pandemic has caused job losses, deaths, widespread health concerns and gutted businesses, but there was also another danger...
- Cybercrime to reach 1% of global GDP in 2020
Global losses from cybercrime are projected to hit $945 billion in 2020, reaching a level equivalent to 1% of the entire world’s GDP. These are...
- Cybercrime police stations to dot Hyderabad
Hyderabad: The Hyderabad City Police will soon have one cybercrime police station each in all the five zones. City Police Commissioner Anjani Kumar...
- What is steganography and how does it differ from cryptography?
Steganography is the study and practice of concealing communication. It plays a different role to cryptography, with its own unique applications and strengths...
- Predictions 2020: Will This Be the Year of Cybercrime-as-a-Service?
Is cybercrime-as-a-service poised to become an actual business trend? Don't be surprised to see it happen in 2020. Security-breach news became so...
- What’s been done to fight cybercrime in East Africa
East Africa attracts millions of tourists every year. Over the past 10 years, its earnings from tourism have doubled. Compared to the rest of Africa,...
- Cybercrime Rises Globally and in Malta: How to Protect Your Business
How to protect your business against hackers As the Internet has become a routine tool for enterprises, which tend to host and exchange valuable data...
- Why businesses don't report cybercrimes to law enforcement
Law enforcement agencies estimate the number of cybercrimes that go unreported by businesses number in the millions. Here's why and when you should...
- Cyber-crime thrives on legal inefficiency & business leaders turning a blind eye
‘No one noticed? Good. Sweep it under the carpet.’ This seems to be the preferred method of top UK IT business bosses when it comes to...
- Many are seeing the damage of cybercrime and identity theft firsthand
As massive data breaches continue to make international headlines and the Internet is an integral part of our daily lives, consumers are now grasping...
- Russian Activists Take On The Fight Against An Online Suicide Game
A group of young activists backed by the Kremlin and known for their efforts in cracking down on homosexuality in Russia has taken on a new...
- Awareness creation on Cyber Crime key for digital migration
Dr Herbert Gustav Yankson, Director in charge of Cyber Crime Unit at the Criminal Investigations Department (CID) of the Ghana Police Service has...
- Why Cybercrime Is So Hard to Investigate
Cyber crime is so prevalent that cyber investigations are now handled by nearly every law enforcement agency...
- Digital Forensics with Free Data Recovery Software
Digital forensics (sometimes known as digital forensic science) is a branch of forensic...
- Distance Learning Systems and their information security
The article studies the problems of improving the degree of information security in the distance learning systems (DLS) at the expense of...
- Cybercrime as a threat for critical infrastructure protection
The article discloses the problems of an Internet-crime (cybercrime) prevention that is a purpose of this article. As one of an approach for...
- Dublin's Symantec a key cybercrime fighter
Symantec estimates cybercrime cost consumers about $110bn in 2012...
- Cyber criminals and cyber spies active in Asia
Cyber espionage involves the illicit extraction of information; cyber crime is the illicit extraction of money...
- Activists: New Philippines law gags netizens
The Cybercrime Prevention Act of 2012 came into effect Wednesday despite widespread protests among netizens, journalists and free speech activists...
- Saving Money With SFTP - Wick Hill
Everyone is looking to cut costs in the recession, but there is one solution which many companies don't realise has the potential to save money for minimal investment and minimal disruption, which also can provide fast ROI. A lot of organisations still have legacy systems and are happy to live with them, given the huge upheaval and potential expense which replacement would mean. But those legacy systems have some costly aspects to them, which can easily be improved and which offer the potential for savings. FTP file transfer from legacy systems normally goes on in the background without anyone paying too much attention to it. It's the part of legacy systems which is below the surface and w...
- UK Information Commissioner targets firm selling vetting data
The Information Commissioner's Office (ICO) has taken stringent enforcement action against a business that it believes has been selling data about construction industry workers to prospective employees. The action against the Consulting Association is further evidence of the proactive enforcement activity being adopted by the ICO. It's an interesting case study of the range of powers that the ICO has to:
  - obtaining a warrant to obtain entry
  - issuing enforcement notice to effectively cease using the data
  - the threat of criminal sanctions because they had also failed to register with the ICO.

The impact may well be to close this business down, which is proof that the ICO is far from be...
- 12 Key Steps to Internet Security - Wick Hill
  - Your approach to internet security should begin with a risk assessment. If you don't know what threats are likely to be posed to your IT systems and networks, and their potential effects on your business should they occur, then you are not really in a position to put in place a series of measures to counter these threats.
  - An effective anti-virus solution is absolutely fundamental to the security of any computer network.
  - Equally, a firewall is one of the most basic security mechanisms and should form an integral part of your internet security defences.
- Dechert - Telephone Monitoring: Dos and Don'ts
It is widely (and incorrectly!) believed that it is unlawful in the UK in all circumstances to monitor and record telephone calls without drawing this to the attention of the parties to the call. There are in fact broad exceptions which are relevant to many businesses which do allow such activities without obtaining consent. There are several reasons why businesses may wish to monitor or record telephone use for the purpose of its business. Often the rationale is quality control or even compliance by an employee with certain regulations, but the monitoring may also be useful for ensuring that employees are not calling friends in Australia at the business's expense or otherwise using the sys...
- The Dating Group Internet Scam
In August an internet scam hit very close to home when I was almost conned. It started when I went looking for a job online. There, I came across...
- Firewall or Unified Threat Management System, UTM? Wick Hill
Unified threat management systems (UTMs) have been growing in popularity for the last few years. Traditionally, they have been widely adopted by SMEs, but larger companies and enterprises are now also deploying UTMs, appreciating the benefits they can offer. UTMs are designed to provide a range of security solutions in a single appliance, reducing costs and simplifying the whole process of security systems management, reporting and installation. The minimum requirement for a UTM, according to IDC, is a firewall, VPN, antivirus and intrusion detection/prevention. Super UTMs (sometimes called extended UTMs or XTMs) have, however, evolved from this to incorporate additional capabilities whi...
- Information Commissioner's Office demands encryption of mobile devices - Ever...
Demonstrating the increasing appetite of the Information Commissioner's Office (ICO) to take enforcement action, Virgin Media Limited is the latest organisation to be held to account for a breach of the Data Protection Act 1998 (DPA). The breach seems to have occurred earlier this year following the loss of a compact disc that was passed to Virgin Media by Carphone Warehouse. The disc contained personal details of various individuals' interest in opening a Virgin Media Account in a Carphone Warehouse store. In this instance, the ICO has not gone straight to issuing an enforcement notice (by contrast to the treatment of the Liberal Democrat Party last week), but has instead obtained a formal...
- Data loss - liability, reputation and mitigation of risk - Eversheds e80
With an increasing number of security breaches hitting the headlines, there is, unsurprisingly, a growing awareness amongst regulators and the public alike of data security issues. The risks to businesses of being involved in a data loss incident are high. Criminal sanctions under the Data Protection Act are well established, but other regulators like the Financial Services Authority (FSA) are also willing to flex their enforcement muscles. In the last three years, the FSA has levied substantial fines against several of its members for security breaches. Bad publicity is another potentially lethal sanction. A recent study by Ponemon showed that 31 per cent of respondents terminated their r...
- What does the British Computer Society think of Phorm?
Phorm, Webwise, OIX and the BCS Security Forum Phorm over function? Perhaps that's the challenge in relation to marketing desires clashing with privacy hopes. But given the starting point of the Phorm furore, in the Spring of 2008, we are now in the Autumn of 2008 and it's been nothing but data breach after user faux pas exposing countless millions of individuals' personally identifiable information that has focussed the spotlight firmly upon the need to apply "privacy by design" principles from the outset - something that the ICO will be taking a very serious view of in the coming months. The BCS Security Forum is equally involved in keeping a watching brief.
- Are you storing customer data properly? The challenges of PCI DSS compliance
Data security breaches are hitting the headlines with alarming frequency. While the most recent breaches have involved the public sector and financial services industries, retailers are not immune from the rise of data losses. Cotton Traders, the UK leisurewear and casual clothes brand, for example, recently conceded that thousands of customer details had been stolen from the company's website. Last year saw perhaps one of the most publicised cases involving retail giant, TJ Maxx, which found that hackers had accessed internal systems used to process and store customer transaction data, including credit card, debit card, cheque and return transactions. The incident cost TJ Maxx $256 million...
- Data Vendor Sends SPAM about The Dangers of Prospecting Databases
ComplianceAndPrivacy.Com received an email that appears to be from Harris Infosource, a D&B Company. Not a lot wrong with that, you may say. The email is a cold unsolicited email, or SPAM. What makes this amusing is that the SPAM has this subject line: "Why Using Cheap Prospect Lists Can Cost You Big!" Harris Infosource, it seems, are the purveyors of fine prospect lists. Harris addressed their SPAM to Milton Bennett at our domain. If Milton existed, if Milton had ever existed, if we had ever created, used, publicised an address for Milton, who is not now and never has been a member of our staff, then this would have been something we could pass off as "just one of those things". Bu...
- Bank Customer Personal Data Sold on eBay for £35
An investigation is under way into how a computer containing bank customers' personal data was sold on an internet auction site. The PC, which was reportedly sold for £35 on eBay, had sensitive information on the hard drive. The Royal Bank of Scotland (RBS) and its subsidiary, Natwest, have confirmed their customers' details were involved. RBS says an archiving firm told it the PC had apparently been "inappropriately sold on via a third party". It said historical information relating to credit card applications for their bank and others had been on the machine. The information is said to include account details and in some cases customers' signatures, mobile phone numbers and mothers' m...
- Best Western Denies Report of Massive Data Breach
A Scottish newspaper Friday ran a story that claimed to uncover a massive theft of data from Best Western's customer database, including personal information on all 8 million customers at the chain's 1,300 hotels in the past year. After initially thanking the newspaper and doing its own investigation, however, the hotel chain now says The Sunday Herald's report of a massive breach at Best Western is "grossly unsubstantiated." In its report, The Sunday Herald stated that "a previously unknown Indian hacker successfully breached the IT defenses of the Best Western Hotel Group's online booking system and sold details of how to access it through an underground network operated by the Russian m...
- Best Western Data Loss - Indian hacker alleged brain behind biggest cyber-heist
An unknown Indian hacker is being 'charged' with the greatest cyber-heist in history for allegedly helping a criminal gang steal identities of an estimated eight million people in a hacking raid that could ultimately net more than 2.8 billion pounds in illegal funds. An investigation by Scotland's Sunday Herald newspaper has discovered that late on Thursday night a previously unknown Indian hacker successfully breached the IT defences of UK's Best Western Hotel group's online booking system and sold details of how to access it through an underground network operated by the Russian mafia. There are no details yet on how the hacker was identified to be an Indian and if a probe is on to ide...
- Vietnam introduces heavy fines for spammers
Organisations and individuals who send spam mail and text messages or trade in e-mail addresses may be fined up to VND80 million (US$5,000), according to the newly-issued Decree on Anti-spam mail. The decree bans organisations and individuals from using electronic means to deliver spam messages, exchange or trade e-mail addresses or deliver software products that collect e-mail addresses, according to the Ministry of Information and Communications.
- Republic of the Philippines can't do without policy on data privacy, security
Under no circumstances can the Philippines compete, let alone thrive, in the lucrative outsourcing market and the global marketplace without a fool-proof policy on data protection and security. This was the clear message sent out by participants in a recent conference dubbed "Mapping the Future of Information Security Forum" organized by the Information Systems Security Society of the Philippines (ISSSP) at a hotel in Makati City. Anthony Tuason, a director at consultancy firm PriceWaterhouseCoopers, said during his presentation that IT companies, most especially those in the BPO sector, cannot possibly institute "IT governance" - the process of using technology as a management tool to ru...
- National Gateway Security Survey 2008 Shows Interesting Changes in Threat Lan...
The National Gateway Security Survey 2008, carried out for value added distributor and security specialist Wick Hill and sponsored by WatchGuard Technologies, leaders in unified threat management systems, has highlighted the increasing move toward remote and mobile use, as well as the concerns users have about this shift. In a survey of 341 of the top UK companies, by employee number and turnover, 48% had over 150 remote users and a further 11% had 50 to 100 remote users. 61% said that the number of remote users on their network was increasing. 45% reported that the number of VPNs was increasing and 43% that the number of SSL users was increasing.
- Unified Threat Management (UTM) - Watchguard Technologies
Unified threat management (UTM) spawned a new era of IT security. The promise of these integrated security appliances proved to be an exceptional and efficient way of securing commercial networks. However, businesses today face an inflection point, dictated by changing market trends and new technologies that demand more of today's UTM. Hence the need is for eXtensible threat management (XTM) solutions, the next generation of UTM appliances. XTM is predicated upon the substantive expansion of three elements: more security, greater networking capabilities, and more management flexibility. This paper provides an overview of these issues and the WatchGuard Technologies perspective on "extensibil...
- Transatlantic Events - Data Privacy Conference
As a grand special offer to readers of ComplianceAndPrivacy.Com, Transatlantic Events has slashed the ticket price to £200 per day. Reach the special Compliance and Privacy booking page directly from here: Special ComplianceAndPrivacy.Com Delegate Booking Page. This event is a Must See for those planning cross Atlantic or International operations which involve passing data from location to location
- Special Privacy Event Offer
EXCLUSIVE READERS OFFER: Dear Readers of Compliance and Privacy, It's our pleasure to announce and invite you as a VIP Delegate to: The 5th Annual Privacy & Data Protection UK 2008 3rd & 4th of September 2008 at The Law Society, 113 Chancery Lane, London, United Kingdom The event is broken up into two separate days & two separate events: "Data Protection: Global Compliance Management" 3rd of September 2008 "Data Protection: CRM, Privacy 2.0 & Social Networking " 4th of September 2008 This is a major Privacy & Data Protection event with more than 20 internationally renowned speakers. If there is one Privacy & Data Protection event to attend this year, this is it! ...
- Trust is not about SSL. It's about domains
At ComplianceAndPrivacy we've been running a study on domains to trust. We don't mean "trustmydomain.com", we mean the domain suffix; the little thing that you choose when buying "myfabulousdomain". Do you choose .com, or do you think, incorrectly "That is for the USA"? Do you choose .biz? Is .org for you? What about .info? So we asked, on a pretty normal website, this question: "Some domains seem to feel more trustworthy than others. This survey is about the .com .biz .info .org and other domain suffixes and which put you most at ease. OK, there are iffy nations, but we are lumping all national style ones under one entry. Tick all that say to you 'Trust this domain'" We expected nothing ...
- How Centralised Unified Threat Management (UTM) Can Help Companies Control Se...
In today's modern, distributed computing network, where companies and organisations need to secure IT not just for the head office, but for remote locations as well, the ability to control security for multiple sites from one single location is becoming increasingly important. With some security systems, the tasks of configuration, updating, rebooting, etc. for remote sites might all have to be done separately and repeated for each location. Administrators could be faced with managing remote security appliances individually, possibly having to send someone out to a remote site to carry out certain tasks, such as configuration or establishing VPN tunnels. This can be difficult, time consumin...
- Mobile and Remote Working - Is it secure?
  - Unstoppable move towards remote and mobile working
  - Mobile working is not adequately secured.
  - Organisations are concerned about security for mobile and remote workers and how to enforce company security policies outside the gateway.
  - Companies want to protect against data leakage and data loss from such problems as stolen laptops.
  - There is no one solution to securing remote working.
  - The range of solutions includes strong authentication, end point security, remote unified threat management (UTM) systems, low-cost encryption and VPNs.
- Olubi Adejobi and Robert Bentley, both Solicitors, fined for Data Protectio...
GrierOlubi and Bentleys - Individual solicitors convicted for data protection offences The Information Commissioner's Office (ICO) has today successfully prosecuted two London solicitors for offences under the Data Protection Act. Olubi Adejobi of Grier Olubi Solicitors and Robert Bentley of Bentley's Solicitors, both based in London, were each fined £300 and ordered to pay costs of £500 plus a victims' surcharge of £15 at Stratford Magistrates' Court. Each solicitor must pay a total of £815 in fines and costs. Today's prosecution follows the failure of both Mr Adejobi and Mr Bentley to notify as data controllers despite repeated reminders from the ICO of their obligations under the Data ...
- ADC Organisation Prosecuted by UK Information Commissioner for Data Protectio...
ADC Organisation prosecuted for data protection offences ICO prosecutes debt company for breaching marketing rules A Manchester debt recovery company has been successfully prosecuted by the Information Commissioner's Office (ICO) for bombarding individuals and businesses with unwanted faxes. The action follows thousands of complaints from individuals and businesses to the ICO and the Fax Preference Service (FPS). ADC Organisation Ltd (ADC) pleaded guilty to six charges under the Privacy and Electronic Communications Regulations and has been fined £600 (£100 per charge). The organisation was also ordered to pay £1,926.25 in costs. ADC must pay a total of £2,526.25 in fines and costs.
- UK Information Commissioner takes enforcement action against Marks & Spencer
M&S ordered to encrypt all hard drives by April 2008 The Information Commissioner's Office (ICO) has found Marks & Spencer (M&S) in breach of the Data Protection Act. This follows the theft of an unencrypted laptop which contained the personal information of 26,000 M&S employees. An ICO investigation revealed that the laptop, which contained details of the pension arrangements of M&S employees, was stolen from the home of an M&S contractor. In light of the nature of the information contained on the laptop, it is the ICO's view that M&S should have had appropriate encryption measures in place to keep the data secure. Mick Gorrill, Assistant Commissioner at the I...
- Bereaved man sickened by marketing 'breach'
A consultant in data privacy has slammed a crematorium for its "tasteless" posting of marketing material, claiming that it broke the law. Tim Trent, 55, cremated his mum Connie at North East Surrey Crematorium last November and thought that would be the end of the matter. But three days later, he was stunned to find a glossy brochure on his doormat, advertising memorials, plaques, flowers and other services offered by the crematorium. Mr Trent said: "It hit me in the face like a sledgehammer. We had a really good send-off for my mother, and thought that chapter of our life was closed. I didn't expect this at all, so it was gloriously distasteful."
- European Data Protection Supervisor condemns data protection legislation
The European Data Protection Supervisor (EDPS) has condemned the inability of existing legislation to protect citizens against practices and proposals that amount to the creation of a state-sponsored surveillance society. EDPS Peter Hustin called on the European Parliament to pass primary legislation to define and protect personal data. He also asked for specific laws to protect such data from abuse under new data collection and exchange proposals from law enforcement agencies. He said agencies that collect, process and store the data should provide information that would allow individuals to modify their behaviour to avoid being "profiled" and to obtain redress for errors and abuses. The...
- FBI eyes British identity data
The US Federal Bureau of Investigation is seeking British co-operation in setting up an internationally accessible biometric database of known and suspected criminals and terrorists.
- Dam Data Leakage at Source - a Wick Hill view
  - Computer networks have become increasingly open and accessible by more and more users. Huge growth in the use of mobile, wireless and remote computing.
  - These changes in computer networks have left confidential data at risk of being seen by those unauthorised to view it.
  - Those wanting to view data without permission include employees and those outside an organisation. The motive may be non-malicious, or malicious, or criminal.
  - Laptops are particularly vulnerable to data loss or theft, with laptop losses reported ever more frequently.
  - Losing data damages a company's reputation, puts them in breach of the Data Protection Act and may be very costly, including the possibility of being fined.
  - If sensiti...
- UK Information Commissioner does not regulate BlueSpam after all!
Following discussions with the Department of Business, Enterprise and Regulatory Reform and others the Information Commissioner's Office has amended its guidance on the Privacy and Electronic Communications Regulations 2003. The guidance previously stated that marketing messages sent using Bluetooth technology would be subject to PECR rules relating to the sending of unsolicited marketing.
Please note: News feeds contain items from other websites gathered by our aggregating the news feeds that they offer. Where an item comes in a news feed from another website it is presented "as is" with no endorsement from, nor editing by, nor approval from complianceandprivacy.com or its sponsors, VeriSign. News feeds are dynamic. We offer them in good faith, but, where the content is outside our control we cannot be responsible for their errors, omissions or other conduct. Some of the links on this page remain on this site, others go to other sites; that is the nature of a newsfeed. When you leave this site you are encouraged to be aware of the privacy policy of the new site before leaving personal data there.