Products

Discover our suite of personalised Security Awareness Training solutions, designed to empower and educate your team against modern cyber threats. From policy management to phishing simulations, our platform equips your workforce with the knowledge and skills needed to safeguard your organisation.

About

With 18+ years of experience in the Cyber Security and Compliance market, MetaCompliance provides an innovative solution for staff information security awareness and incident management automation. The MetaCompliance platform was created to meet customer needs for a single, comprehensive solution to manage the people risks surrounding Cyber Security, Data Protection and Compliance.

MetaBlog

Stay informed about cyber awareness training topics and mitigate risk in your organisation.

Data Security and Digital Security Incidents Increased in Q2 2016, Reports ICO

James MacKay
Cyber Security Awareness MetaBlog

about the author

James MacKay

James MacKay is the COO of MetaCompliance and a recognised security awareness training expert. James has a deep understanding of delivering effective Security Awareness Training and is committed to helping organisations keep their staff safe online, secure their digital assets and protect their corporate reputation.

The Information Commissioner’s Office (ICO) found that both data security incidents and digital security events increased in the second quarter of 2016.

Per a study published by the UK independent authority, digital security incidents in general increased by 46 percent in Q2 2016. Exfiltration, or the unauthorized transfer of data from a controller system to a location operated by an attacker, experienced an even bigger jump of 54 percent.

Data Security and Digital Security Incidents Increased in Q2 2016, Reports ICO

A closer look reveals that the healthcare, local business, and government sectors reported the most incidents in the second quarter. Even so, other sectors saw an increase in the number of data security incidents affecting organizations. The education and finance, insurance, & credit sectors saw an increase in events of 18 percent, for example. Meanwhile, charities saw its number of data security incidents grow by 21 percent.

The ICO took it one step further by breaking down its reported data security incidents by type. It found that while some categorizations dropped, others spiked. For instance, incidents involving organizations’ failure to redact sensitive data decreased by 28 percent in Q2 2016. But events involving personal data being posted or faxed to the wrong recipient increased by 18 percent.

As a result of all data security incidents reported in the second quarter, the ICO had no choice but to fine a number of companies, including Whitehead Private Nursing Home Ltd (£15,000), Hampshire County Council (£100,000), and Regal Chambers Surgery (£40,000). Those fines didn’t come close to the £400,000 penalty it issued to TalkTalk in October.

Organizations should take heed of the ICO’s growing number of reports involving data transmission errors. If they want to avoid a hefty fine, they should respond by training their employees to always verify they’re faxing, posting, or otherwise sending personal data to the correct recipient. They can do so via the use of third-party security awareness training software.

Does this type of solution sound of interest to your organization?

If so, contact Metacompliance and learn how its staff awareness services can help your company avoid a call from the ICO.