There has been no shortage of data breaches in the news recently, the likes of Dixons Carphone, Air Canada and Butlins all suffering. But how much attention do we pay, until it is our personal information that has been compromised? Recently, a member of our team here at The DDC Group was involved in a breach at the Royal Museums Greenwich (RMG).
The email received was rather detailed in terms of what had occurred and how they plan to proceed. What isn’t clear is what steps were in place to avoid this taking place in the first instance. It seems that the issue revolves around a third party – which will be frustrating for the RMG but unfortunately the responsibility still sits with them.
Further, the email suggests that the breach was identified on a Thursday, whilst the email was sent on the following Monday. This is reasonable, but if we read between the lines, that suggests it has taken time to implement any reaction as opposed to an existing plan being implemented immediately.
So, what can an organisation do to ensure that firstly, these kinds of breaches are avoided? Secondly, that they can be actioned immediately. Here at DDC Analytic Solutions, we have been supporting organisations with our RiskView software with their data requirements. Not only accounting for GDPR but IP loss and theft, phishing and security, plus others. RiskView also assists validation of the supply chain to ensure third-party providers are adhering to the same compliance and security standards.
- 22nd July 2019The Human Element of Data Security
- 15th July 2019Third Party Data Protection
- 10th July 2019Two Fines in Two Days – ICO Plans to Fine Marriot £99m
- 10th July 2019ICO Issues A Record Fine for BA
- 2nd July 2019Do You Have True Visibility of Your Data?
- 18th June 2019Reduce Your Exposure to a Data Breach
- 15th May 2019Organisations Relationship with Cybersecurity and their Workforce – In Scope
- 9th May 2019Subject Access Requests
- 1st May 2019Data Discovery
- 26th April 2019Defence In Depth