September 27, 2010
CJOB|680′s Geoff Currier recently asked me to participate in his live radio program called “The Nighthawk”. Geoff and callers raised a number of issues related to privacy and access to information law including the following question that Geoff asked… “Once I go on Twitter/Facebook, do I automatically surrender my privacy rights? In Vancouver wherein an alleged gang rape and some photos of the victim were posted online and distributed out there…what does our law say about that? You are standing on Portage & Main and you kiss your wife and I happen to take a photograph of that… is that an invasion of your privacy?” To hear the answer to this and other questions please listen to the live broadcast recording here>>.
Thanks to Geoff Currier and CJOB|680 for the invitation to participate in the program.
September 16, 2010
PriceWaterhouseCoopers (PWC) has just released its Global State of Information Security Survey, which says that corporate spending on data security will increase sharply in the coming years. ComputerWeekly.com reports that more than half of respondents to the PWC survey say that their companies plan to spend more on technological defences against security breaches, an increase of 14% from last year. The survey also reveals that the impact of security breaches is growing. According to ComputerWeekly.com ”the number of companies reporting financial losses from data breaches increased 6% in the past year to 20%, up from only 8% in 2008. Intellectual property theft has increased to effect 15% of companies reporting data breaches, up from just 5% in 2008. An increase in the number of sophisticated attacks aimed at stealing information from specific companies is also driving increased security spending according to the Financial Times.”
The PWC survey demonstrates that spending is shifting to monitoring of company networks, at a time when more employees are bringing their own PDA’s and computers into the workplace. But as PWC states, businesses should be making employees the first line of defence against data leaks.
The PWC survey and commentary serves as a reminder of the need to focus resources for data security (and privacy law compliance) strategically. This means investing in technological safeguards but it should mean investing in privacy training for your staff. It’s an important point because so many of the privacy breaches these days result from mistakes, or human error, by one’s own employees. I’d suggest that you compare your organization’s line item for network monitoring with your line item (if it exists) for privacy training. Are your privacy risk mitigation efforts as strategic as they could be?