By Damien LEDUC, Head of Ethical Hacking France, BT Global Services
In an environment where computers are ever-present, data security raises a vast number of issues and questions. The Data Protection Act imposes security and confidentiality obligations on companies and provides for criminal sanctions. In certain countries, such as the US, banks are legally obligated to inform clients affected by any theft of personal details from their information systems. A notable example, dating from last December, is that of a leading global financial services firm that had to individually inform 465,000 card holders that their personal details had been seized by hackers following a cyber attack carried out against the bank several months previously [source: Reuters]. European and Australian regulations are tending to move towards similar obligations. Consequently, beyond the direct impact of an attack, the indirect impact in terms of image and reputation is of particular importance.
Measures can be taken by banks to improve data protection mechanisms and to prevent risks.