Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

British Businesses Refuse Free ICO Audits

LogRhythm : 11 July, 2011  (Technical Article)
LogRhythm comments on the refusal of UK businesses to take part in the free data breach risk assessment audits being offered by the UK Information Commissioner's Office

The Infomation Commisioner’s Office (ICO) report for 2010/2011, released earlier this week, expresses disappointment with the response it has received from organisations that are at particularly high risk of a data breach. The ICO revealed it has contacted a number of private sector organisations, including lenders, general business and direct marketing companies which account for almost a third of total complaints, but less than one in five were willing to submit to a data protection audit.


Ross Brewer, vice president and managing director for international markets, LogRhythm, has made the following comments:


“This year has been punctuated with a number of high profile organisations that have fallen victim to data breach. As a result you would think those deemed high risk* by the ICO would welcome its help in identifying and resolving any potential weaknesses. However, the behaviour of those refusing audits is indicative of the attitude that led to this situation in the first place. Too many organisations are in denial about the scale of the threat and the possibility that they will be affected.”


“One of the main reasons these companies are so in need of the ICO’s help is that they are unlikely to have taken steps to develop a full understanding of their IT systems. All IT networks generate log data that can be used monitor performance and identify anomalies. However, due to a number of factors, including the volume of logs produced and sometimes just plain ignorance, many organisations are not using this crucial information effectively. Aside from accepting the ICOs assistance, these organisations should be looking to implement centralised, automated systems that provide the traceability required to spot weaknesses and, if aberrant activity does occur, provide real-time alerts so immediate action can be taken.”


*Risk assessment took into account a number of factors such as volume and type of data an organisation holds, complaints received by the ICO and cases where enforcement action was considered

Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo