Data Compliance Audit: A Double-Edged Sword When Defending Data Security Claims

The Thales Data Threat Report of 2024 highlights a 27 percent surge in ransomware attacks, with eight percent of affected companies paying the ransom.

Data breaches were tied to 43 percent of enterprises failing compliance audits, mainly due to human error. Human error continues to be the leading cause of data breaches for enterprises.

Malware was identified as the fastest-growing threat, affecting 41 percent of enterprises surveyed. Cloud assets, such as SaaS applications and cloud-based storage, are prime targets for cyberattacks.

Global cybercrime is projected to reach $10 trillion annually by 2025, according to the report. https://www.globaldata.com/newsletter/details/ransomware-surges-as-compliance-falters-thales-group_350223/

Commentary

The report notes that compliance is crucial for data security, as compliant companies are less likely to experience security breaches.

A common mechanism for determining compliance is a security compliance audit; however, a compliance audit is a double-edged sword. One edge spotlights your system's vulnerabilities, which is always helpful because it shows you where your system is weak so you can address it.

The other edge is that if you do not address your system's vulnerabilities, the audit becomes the framework for litigation and regulatory action post-breach.

The failure to address an uncovered vulnerability thoroughly and within a reasonable period of time will be considered evidence that data security was neglected, even if a known vulnerability was not the cause of a breach.

The takeaway is that compliance audits are crucial and that organizations should perform audits regularly, but organizations must also make available the resources, finances, and personnel to address any deficits discovered in an audit in a timely manner. Importantly, organizations must document and maintain records of their compliance efforts.



 

 
