Security budgets increase due to EU data protection laws
Posted on 05 March 2012.
Tufin announced the results of a survey assessing how the recently announced updates to EU Data Protection legislation will impact IT compliance efforts.


42% of the 100 network security managers sampled by the firewall management software provider said the proposed changes led to increased risk awareness within their organization.

34% stated that their attitude towards Continuous Compliance had changed as a result, and 54% believe that automating audits would reduce the organizationís risk of violating the law.

Tufin executed this survey in response to the January 2012 announcement by European Commissioner for Justice that outlined plans to enhance data protection rights for individuals across Europe and increase the responsibility and accountability of organizations handling records containing the information of EU citizens.

If adopted, the new legislation would apply to all organizations that do business in Europe. The draft guidelines reflect a growing concern about the way in which personal details are captured, handled and stored in todayís highly complex information age.

Proposed changes include severe fines of up to 2% of revenues for privacy violations and a requirement that, under certain circumstances, organizations report privacy breaches to authorities and affected individuals within 24 hours of the breach being noticed.

Tufin asked respondents what they felt was best way to reduce the risk of a fine due to non-compliance. Feedback from survey respondents was just as interesting as the statistical data: one IT security professional said that good company security standards would assist in this regard, while another professional favored a strict compliance strategy, with "data security awareness program across the organizations - and online monitoring of compliance checks - helping in reducing the risk of fines due to non-compliance."

Another IT security professional was in favor of even more draconian penalties, pressing for legislation that directly (financially) penalizes staff for actions that cause a breach.





Spotlight

Operation Pawn Storm: Varied targets and attack vectors, next-level spear-phishing tactics

Posted on 23 October 2014.  |  Targets of the spear phishing emails included staff at the Ministry of Defense in France, in the Vatican Embassy in Iraq, military officials from a number of countries, and more.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Oct 24th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //