Welcome!

News Feed Item

New ISACA Data Privacy Task Force to Help Businesses Manage Growing Online Issues

ISACA, a nonprofit association, marked Data Privacy Day with the announcement of a global task force on data privacy that will address the needs of businesses and government organizations worldwide. The Privacy Advisory Task Force will drive research, guidance and advocacy, and will help IT security, risk, governance and assurance professionals use the COBIT framework to manage the rapidly growing issues related to the use of information online.

Compromised data can be costly, averaging $5.5 million per organization, according to the seventh annual Ponemon Cost of a Data Breach report. Enterprises also face rising regulatory pressures. In the US, potential changes include the proposed APPS Act, which would obligate mobile application developers to be more transparent about the use of personal data; the Federal Trade Commission’s adoption of amendments to the Children’s Online Privacy Protection Rule (COPPA); and the long-awaited final omnibus rule on HIPAA from Health & Human Services, which expands liability for businesses (and their subcontractors). Organizations conducting business in Europe face the proposed EU General Data Protection Regulation, a sweeping plan to standardize privacy requirements across all EU countries.

ISACA analysis shows that these challenges are amplified for multinational companies by the absence of global standards and the rise of mobile devices and cloud computing, which make it easy for data to travel across borders. Yet ISACA’s 2012 IT Risk/Reward Barometer revealed that only 16 percent of organizations forbid cross-border travel with company data on mobile devices.

“The current debate about data privacy is just the tip of the iceberg. As technologies like Big Data and mobile devices keep making it easier to offer better customer service and online access, enterprises will experience growing pressure to collect and share private information,” said Jeff Spivey, CRISC, CPP, PSP, international vice president, ISACA, and vice president, RiskIQ. “Companies want guidance on how to strike the right balance between profiting from data and protecting data.”

As a Data Privacy Day Champion, ISACA recognizes that organizations have a responsibility to secure their part of cyber space and the networks they use. ISACA’s Privacy Advisory Task Force will focus on defining and prioritizing the knowledge needs and services valued by those who manage or support privacy initiatives. ISACA members include chief privacy officers (CPOs) and chief information security officers (CISOs) from a range of Fortune 500 companies. Task force participants represent all regions worldwide and will be announced in February 2013.

“NCSA is pleased ISACA is supporting Data Privacy Day and providing a larger year-round strategy and offerings to help businesses and government organizations manage data privacy issues from an IT risk perspective. Respecting privacy and safeguarding data are responsibilities we all share,” said Michael Kaiser, executive director, National Cyber Security Alliance.

ISACA’s privacy guidance includes:

About ISACA

With 100,000 constituents worldwide, ISACA (www.isaca.org) is a nonprofit association providing knowledge, certifications and education on information systems assurance and security, enterprise governance and management of IT, and IT-related risk and compliance. ISACA offers the CISA, CISM, CGEIT and CRISC certifications and developed COBIT.

Twitter: https://twitter.com/ISACANews
ISACA Knowledge Center: www.isaca.org/knowledge–center

More Stories By Business Wire

Copyright © 2009 Business Wire. All rights reserved. Republication or redistribution of Business Wire content is expressly prohibited without the prior written consent of Business Wire. Business Wire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

Latest Stories
Things are changing so quickly in IoT that it would take a wizard to predict which ecosystem will gain the most traction. In order for IoT to reach its potential, smart devices must be able to work together. Today, there are a slew of interoperability standards being promoted by big names to make this happen: HomeKit, Brillo and Alljoyn. In his session at @ThingsExpo, Adam Justice, vice president and general manager of Grid Connect, will review what happens when smart devices don’t work togethe...
SYS-CON Events announced today that Ocean9will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Ocean9 provides cloud services for Backup, Disaster Recovery (DRaaS) and instant Innovation, and redefines enterprise infrastructure with its cloud native subscription offerings for mission critical SAP workloads.
In his session at @ThingsExpo, Eric Lachapelle, CEO of the Professional Evaluation and Certification Board (PECB), will provide an overview of various initiatives to certifiy the security of connected devices and future trends in ensuring public trust of IoT. Eric Lachapelle is the Chief Executive Officer of the Professional Evaluation and Certification Board (PECB), an international certification body. His role is to help companies and individuals to achieve professional, accredited and worldw...
Adding public cloud resources to an existing application can be a daunting process. The tools that you currently use to manage the software and hardware outside the cloud aren’t always the best tools to efficiently grow into the cloud. All of the major configuration management tools have cloud orchestration plugins that can be leveraged, but there are also cloud-native tools that can dramatically improve the efficiency of managing your application lifecycle.
Providing the needed data for application development and testing is a huge headache for most organizations. The problems are often the same across companies - speed, quality, cost, and control. Provisioning data can take days or weeks, every time a refresh is required. Using dummy data leads to quality problems. Creating physical copies of large data sets and sending them to distributed teams of developers eats up expensive storage and bandwidth resources. And, all of these copies proliferating...
DevOps is often described as a combination of technology and culture. Without both, DevOps isn't complete. However, applying the culture to outdated technology is a recipe for disaster; as response times grow and connections between teams are delayed by technology, the culture will die. A Nutanix Enterprise Cloud has many benefits that provide the needed base for a true DevOps paradigm. In his Day 3 Keynote at 20th Cloud Expo, Chris Brown, a Solutions Marketing Manager at Nutanix, will explore t...
SYS-CON Events announced today that Technologic Systems Inc., an embedded systems solutions company, will exhibit at SYS-CON's @ThingsExpo, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Technologic Systems is an embedded systems company with headquarters in Fountain Hills, Arizona. They have been in business for 32 years, helping more than 8,000 OEM customers and building over a hundred COTS products that have never been discontinued. Technologic Systems’ pr...
SYS-CON Events announced today that CA Technologies has been named “Platinum Sponsor” of SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY, and the 21st International Cloud Expo®, which will take place October 31-November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. CA Technologies helps customers succeed in a future where every business – from apparel to energy – is being rewritten by software. From ...
The taxi industry never saw Uber coming. Startups are a threat to incumbents like never before, and a major enabler for startups is that they are instantly “cloud ready.” If innovation moves at the pace of IT, then your company is in trouble. Why? Because your data center will not keep up with frenetic pace AWS, Microsoft and Google are rolling out new capabilities In his session at 20th Cloud Expo, Don Browning, VP of Cloud Architecture at Turner, will posit that disruption is inevitable for c...
SYS-CON Events announced today that Cloudistics, an on-premises cloud computing company, has been named “Bronze Sponsor” of SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Cloudistics delivers a complete public cloud experience with composable on-premises infrastructures to medium and large enterprises. Its software-defined technology natively converges network, storage, compute, virtualization, and management into a ...
Keeping pace with advancements in software delivery processes and tooling is taxing even for the most proficient organizations. Point tools, platforms, open source and the increasing adoption of private and public cloud services requires strong engineering rigor - all in the face of developer demands to use the tools of choice. As Agile has settled in as a mainstream practice, now DevOps has emerged as the next wave to improve software delivery speed and output. To make DevOps work, organization...
Deep learning has been very successful in social sciences and specially areas where there is a lot of data. Trading is another field that can be viewed as social science with a lot of data. With the advent of Deep Learning and Big Data technologies for efficient computation, we are finally able to use the same methods in investment management as we would in face recognition or in making chat-bots. In his session at 20th Cloud Expo, Gaurav Chakravorty, co-founder and Head of Strategy Development ...
The explosion of new web/cloud/IoT-based applications and the data they generate are transforming our world right before our eyes. In this rush to adopt these new technologies, organizations are often ignoring fundamental questions concerning who owns the data and failing to ask for permission to conduct invasive surveillance of their customers. Organizations that are not transparent about how their systems gather data telemetry without offering shared data ownership risk product rejection, regu...
What if you could build a web application that could support true web-scale traffic without having to ever provision or manage a single server? Sounds magical, and it is! In his session at 20th Cloud Expo, Chris Munns, Senior Developer Advocate for Serverless Applications at Amazon Web Services, will show how to build a serverless website that scales automatically using services like AWS Lambda, Amazon API Gateway, and Amazon S3. We will review several frameworks that can help you build serverle...
SYS-CON Events announced today that Loom Systems will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Founded in 2015, Loom Systems delivers an advanced AI solution to predict and prevent problems in the digital business. Loom stands alone in the industry as an AI analysis platform requiring no prior math knowledge from operators, leveraging the existing staff to succeed in the digital era. With offices in S...