Data Breaches  

A List of Data Breaches are displayed at Wikipedia, some of which in 2018 are as below.

Entity Records Organization type Method
Centers for Medicare & Medicaid Services 75,000 healthcare hacked
Facebook 50,000,000 social network poor security
Ticketfly (subsidiary of Eventbrite) 26,151,608 ticket distribution hacked
AerServ (subsidiary of InMobi) 75,000 advertising hacked
MyHeritage 92,283,889 genealogy unknown
Google Plus 500,000 social network poor security

.

Besides these, you may have heard about the recent data breach incidents at Starwood with a reported number of around 500 million involved customers. No organization is absolutely risk-free from data breach, which is of critical damages to corporate image and brand value. With the rapidly increasing uses of subcontracted data processing, data centers, and cloud services, such risks are significantly growing in the meantime.

GDPR

With the implementation of General Data Protection Regulation (GDPR), EU’s enhanced regulation for data protection, from 25 May 2018, an organization of data breach may suffer from a large amount of penalty due to absence of due diligence in data protection.

Supports by DQS

The information security risks can only well addressed with a systematic approach in an organization. Considering the increasing needs from varying industries, DQS has enhanced our professional services to help organizations to mitigate the risks from potential data breaches.

To organizations

DQS is providing:
a) ISO 27001:2013 certification to all kinds of organizations, or parts of organizations, with sensitive information,
b) ISO 20000-1:2018 certification to organizations with IT service, and
c) non-certification audits against above standards.

To employees

To improve the personal skills, DQS Academy is providing:
a) IT Security Professional courses certified by EC Council, such as Certified Ethical Hacker and Computer Hacking Forensic Investigator, to persons in cyber security field, and
b) information security management courses certified by PECB, such as ISO 27001 Lead Auditor, Penetration Test Professional, and Data Protection Officer, to persons in information security management field, and
c) internal auditor lecturing courses by DQS HK for standards like ISO 27001, to ISMS responsible persons.

Never be too late to prepare for business sustainability.