Security: from reactive to proactive - taking a risk-based approach to security
Date:
By: Fran Howarth
Classification: White Paper
Organisations face an increasing amount of regulation that enforces, among other things, higher standards of corporate governance. In Europe, data protection regulatory compliance is regarded as among the most onerous and is becoming increasingly so. In Germany, the federal data protection act was expanded in mid-2009 to make data breach notification mandatory, and to provide for specific fines and sanctions to be meted out against organisations that suffer a data loss as a result of having inadequate data security controls in place. The UK is using its existing data protection regulations to force organisations that suffer a data breach to adopt higher standards of data governance and is considering beefing up regulation to allow for fines, and even custodial sentences, to be imposed.