Thursday, 31 March 2011
A timely reminder about Data security
This week I attended a seminar on how to be a SIRO, Senior Information Risk Owner
In other words how to protect the organisation from data abuse.
In an age where we are trying to encourage staff to use data and information properly it was useful to be reminded of how things go wrong. In particular we looked at a few examples across the UK and how disaster can be avoided.
The role and value of data and information has changed and become much more valuable as an asset to our organisation
In essence information is;
o A political issue
o A key asset
o A toxic liability
So we considered the challenges that face all organisations and specifically by senior managers. These included:
a. There is less money to spend on protection. It is seen as an overhead
b. Sometimes there is a lack of Board support
c. Whatever we do, we need to “apply controls without strangling the business”
d. Our response needs to be Proportionate
e. As well as our own people we need to manage the access of external partners
f. We must create and deliver a mature approach with staff
g. We need to make data security relevant to staff
The challenge to leaders therefore is to Lead and Foster cultural change in a rapidly changing technological world.
Whilst we try to create the right balance we need to understand that people coming into our organisations have different expectations and understanding of what technology can do.
CPNI good practice guidance on their website
We considered why people abuse data and information. These included
o Personal Financial benefit
o Coercion by another
o Revenge against an individual group or the organisation
o A sense of Noble Cause
o For Political benefit either party or other
o Perhaps even to gain a sense of Emotional gain
In other words there are a range of reasons and these are not unique or exclusive
It was a useful session delivered well by the NPIA and particularly the ACPO lead.
A very valuable day……………..now where did I put that USB.Drive
Labels: police it security
Popular Posts in last 7 Days
Today HRH Prince Charles visited Cumbria and was given the opportunity to meet a range of people, businesses and buildings across the county...
Ransomware Seminar 19th May 09.30-11.30 Ransomware is now one of the biggest threats to industry, charities, health and citizens. Fin...
The guy behind the swim is Najib Belhadi Here is his swimming CV http://openwaterpedia.com/index.php?title=Nejib_Belhedi A remarkable and...
I am helping Leeds University with a business Cybercrime Survey go to www.bit.do/cybersurvey to complete it or use the QR code. Many tha...
There is a great deal of debate underway on an OJEU notice that WMP and Surrey have posted. The notice was signed by a number of forces wh...
So we started the day with some trepidation or at least I did. A longer swim than ever before for Me. A stroll in the lake for Tom and Mich...
On Friday 2nd March I gave a presentation to students at the University of Cumbria. This is the presentation (unfortunatly plus a few minor ...
ECPAT is an international charity aiming to tackle Child Prostitution and Trafficking. It is a great charity and here is a tale of what som...
The company Wethersoons seems to have been hit by the next in a long series of hacks. See http://www.computerweekly.com/news/4500260119/Wet...
Bramshill is seen by many in policing here in the UK and abroad as a jewel in the crown of law enforcement. It is a mixture of operational c...