back to article EU study frowns over data breach notification rules

A new EU study has identified risk prioritisation, enforcement and resources as key issues in applying data breach notification rules. ENISA, the EU’s cyber-security agency, launched its investigation on data breach notification rules against a backdrop of steadily rising incident of personal information disclosure breaches. …

COMMENTS

This topic is closed for new posts.
Anonymous Coward

The have created their own problems

As far as I am aware, the EU data breach legislation requires you to notify even if the lost media or computer was encrypted. This is unlike other legislation which only requires notification if it was not encrypted.

Could be a bit of empire building here and the usual government bloating of staff and tax grabbing. The legislation has some review time to go, lets hope that some sense is introduced.

1
1
Headmaster

RE: The have created their own problems

"As far as I am aware, the EU data breach legislation requires you to notify even if the lost media or computer was encrypted. This is unlike other legislation which only requires notification if it was not encrypted."

Given the 1st electronic computer was designed to break encryption systems, and the recent demo's of cloud computing brute force attacks,

Unencrypted = Readable now

Encrypted = Readable later (later being as short as a few minutes)

1
0
Linux

Afraid of the PR effect of a breach?

So the firms are worried telling customer they fucked up will hurt the bottom line?

Good!!!!! It should. The solution isn't not to tell customers, it's to not fuck up.

2
0
Silver badge
Big Brother

Can we solve the shifting of all bank details and airline PNRs to US surveillance first please?

Till that's is sorted, I won't notify about anything.

2
0
Happy

Focusing the CEO & CFO's mind

The possiblity of being on the front page of every news paper as you just lost 2m bank account details, does focus the mind of the CEO & CFO of companies on that horible techy IT stuff.

The horible techy IT stuff being where the CIO is explaining he needs more staff and budget to protect the company's assests and reputation.

Forcing public disclosure will "up the game" of every company's secuirty standards and practices.

1
0
This topic is closed for new posts.

Forums