WIREDGOV

The Information Commissioner’s Office (ICO) has published a new security report highlighting 8 of the most common IT security vulnerabilities that have resulted in organisations failing to keep people’s information secure. The flaws were identified during the ICO’s investigations into data breaches caused by poor IT security practices. 

Many of these incidents have led to serious security breaches resulting in the ICO issuing monetary penalties totalling almost a million pounds. The breaches could have been avoided if the standard industry practices highlighted in today’s report were adopted.

They include the £200,000 penalty issued to the British Pregnancy Advice Service after the details of service users were compromised due to the insecure collection & storage of the information on their website, and the £250,000 fine issued to Sony Computer Entertainment Europe after the company failed to keep its software up to date, leading to the details of millions of customers being compromised during a targeted attack.

• ICO:  Top IT data security threats revealed and what organisations must do to stop them
• Protecting personal data in online services: learning from the mistakes of others
• SQL injection – what is it and what does it mean for you?
• Password storage – why it’s not as simple as 123…
• Heartbleed and the importance of encrypting internet traffic
• Why today’s IT security report is a must read for all
• Keeping parents informed: what schools need to consider when using email
• It is an increasingly dangerous Cyber World out there
• ICO:  Fining an organisation gets their attention, but a personal fine for the ‘responsible officer’ as well might ensure they became compliant (3rd item)
• ALERT - Mass ‘ransomware’ spamming event targeting UK computer users
• Time for top bosses to start earning their mega-salaries and take e-security seriously
• ICO:  It’s about time Councils started to make this a disciplinary offence for the officer(s) responsible at Chief Officer level (2nd item)