Standards group releases 2012 data protection and breach guide

26 January 2012

The Online Trust Alliance (OTA), an industry standards group, released this week its 2012 Data Protection and Breach Guide, which includes a review of 2011 data breaches and recommendations for businesses to prevent breaches and manage incidents.

The annual guide provides an analysis of the past year's security breaches and offers companies a range of best practices in data security, privacy, and data collection.

In 2011, over 558 incidents were reported at a cost to US businesses of more than $6.5 billion, according to the guide. It is estimated that over 50% were the result of a server exploit, of which 96% were avoidable if the recommendations outlined in the guide had been implemented, OTA said.

The average cost incurred last year by each business for a data breach was $7.2 million or $318 per user record compromised – an increase of over $100 per user record from 2009. These incidents also consumed, on average, over 600 man-hours to remedy, the guide said.

The OTA guide recommends that businesses develop a data incident plan that enables the firm to determine quickly the nature and scope of a data incident, take immediate steps to contain it, ensure that forensics capabilities are not hampered, and immediately initiate steps to notify regulators, law enforcement officials, and the impacted users of the loss.

“Last year, more than 125 million people were affected by data loss incidents. Combined with the increased awareness of these high visibility incidents and aggressive data collection and sharing practices, consumers’ trust and online confidence is under attack. By following the recommendations in this guide we have an opportunity to enhance online trust and promote the vitality of the internet,” said Craig Spiezle, OTA executive director and president.
