As businesses across multiple industries make the push to become more technologically savvy, it's crucial that they take the necessary precautions to prevent data breaches. Cyber attacks can happen to companies of all sizes, so creating a comprehensive disaster recovery plan is essential for an organization to stay successful.
Even the government cannot avoid computer-centered attacks. This blog has previously discussed instances where hacking has occurred to highly-esteemed companies, but the U.S. privacy commissioner, Maria Shroff, referred to 2012 as "the year of the data breach" in her annual report.
Specifically mentioned in Shroff's analysis was the Accident Compensation Commission's (ACC) unintentional release of data on more than 6,500 clients in March and the more recent leakage in the Ministry of Social Development's kiosks.
"It is clear that people believe regulators should have – and use – the ability to call agencies to heel," Shroff said in the report. "For instance, in our public opinion survey earlier this year, 97 percent of respondents said that the privacy commissioner should have the power to order an agency to comply with the law, and 88 percent said they wanted businesses punished if they misuse people's personal information."
Shroff added that the commissioner's office might have valued goods in the form of personal data, and the ability to distribute it through online networks, but it has at times lacked cross-border enforcement mechanisms and regulatory solutions for when things go wrong.
Additionally, privacy risk management should be recognized as a responsibility for the whole of the company.
Comprehensive assessments of a business are necessary to accurately calculate risk. In order for quick business resumption to occur following any type of security breach, a thorough disaster recovery plan needs to be in place.