SEATTLE, January 22, 2014 (ADOTAS) – The Online Trust Alliance (OTA), the nonprofit whose mission is to improve online trust, user empowerment and innovation, today recommended a series of best practices to help prevent online data breaches and other exploits, in collaboration with leading brands such as American Greetings Interactive, AVG, Microsoft, Clearing House Publishers, Symantec and TRUSTe. These recommendations, published today in the OTA 2014 Data Protection and Breach Preparedness Guide, were accompanied by several revealing statistics.
Based on preliminary year-end data from the Open Security Foundation and the Privacy Rights Clearinghouse, the OTA estimated in its guide that more than 740 million records were exposed in 2013, making it made the worst year in terms of data breaches recorded to date. And yet, after analyzing roughly 500 breaches over the past year, the OTA determined that 89% of all breach incidents were preventable if basic security controls and best practices were applied.
“Businesses and organizations have a responsibility to protect consumer privacy and prevent data breaches by aggressive cyber thieves,” Washington State Attorney General Bob Ferguson said. “Consumers deserve to know who they can trust. The Online Trust Alliance provides organizations with critical information to reduce cyber risk and protect consumers. “
The annual guide is released ahead of Data Privacy Day, January 28, which the OTA commemorates by hosting forums and workshops led by cybersecurity and privacy luminaries in New York, San Francisco and Seattle. The events follow several high-profile data breaches involving Target Corporation, Neiman Marcus and Adobe – a worrying trend that is undermining online trust and underscoring the need to implement best practices.
“Data breaches are not new and have been around for some time; However, we are seeing a significant increase in incidents that harm not only consumers but businesses as well, leading to a breakdown in consumer confidence, ”said Tim Rohrbaugh, vice president of information security for Intersections Inc. and member of the OTA board of directors. “Having a rigid, black-and-white approach to security checks and surveillance and not being prepared for an incident will cost businesses more in the end. These town halls are a great place for business leaders from all industries to come together and share best practices for improving security controls, customer data management, and reporting of data breach incidents.
According to the guide, best practices can only be achieved when companies are no longer satisfied with meeting minimum data protection compliance standards. Rather, they must meet their own customers’ much higher expectations for data privacy, adopting a comprehensive data management strategy that protects data throughout its lifecycle from collection to deletion. . These efforts go hand in hand with the development of an effective Data Incident Plan (DIP), a manual that can be deployed at any time, outlining the actions to be taken in the event of a breach. Businesses must be able to quickly assess the nature and extent of an incident, contain it, mitigate damage, and notify all interested parties, including law enforcement and customers. concerned.
“Consumers and businesses are both victims of rapidly escalating hacking attacks and, as stewards of consumer data, businesses have a responsibility to adopt best practices to help protect consumers from harm. Said Craig Spiezle, Executive Director and Chairman of the Online Trust Alliance. “Companies that don’t need to be held accountable, by consumers, regulators and shareholders.
This is because the ramifications of a data breach can be far-reaching and long-term, creating a sort of “business shock,” the guide explains. The consequences include a damaged brand, decreased sales, loss of partnerships with third parties and contractual penalties imposed by customers, partners or service providers.
Ultimately, the guide urges all businesses to accept two basic premises: First, the consumer data they collect invariably contains some form of personally identifiable information. And secondly, at some point, they will inevitably experience data loss. When this happens, it’s best to be prepared.
The 2014 OTA Guide to Data Protection and Breach Preparedness is available at: https://Otalliance.org/Breach.html. A public webinar recapping the guide is being held on February 12 from 9 a.m. to 10 a.m. PST. To register, visit http://bit.ly/1eFddns. Additional quotes from OTA supporters regarding Data Privacy Day and the guide are available at http://bit.ly/1mB3HaA.
Daily workshops on confidentiality
The OTA Data Privacy Day 2014 workshops in New York (January 28), San Francisco (January 30) and Seattle (February 4) are designed to provide companies with prescriptive advice on how to manage data. complex data security and privacy issues, while improving brand confidence and product innovation. Speakers include privacy experts from the FBI, Federal Trade Commission, Secret Service, and Attorney General’s offices in New York, California, and Washington State. The events are organized in collaboration with the Better Business Bureau, Identity Theft Council and InfraGard locals, and are supported by membership from leading organizations such as comScore, Intersections, PwC, Sailthru and TRUSTe. To attend a workshop, visit https://otalliance.org/dpd.html.
About the Online Trust Alliance (OTA)
The Online Trust Alliance (OTA) is a non-profit organization whose mission is to improve online trust and user empowerment, while promoting innovation and the vitality of the Internet. OTA’s goal is to help educate businesses, policymakers and stakeholders while developing and advancing best practices and tools to improve the protection of the security, privacy and identity of people. users. The OTA supports collaborative public-private partnerships, baseline reporting, meaningful self-regulation and data management. His members include federal law enforcement agencies and the world’s leading e-commerce, online banking, online security, and social media companies. For more information visit: https://otalliance.org.