Most Retailers Haven’t Fully Tested Their Breach Response Plans

Most Retailers Haven’t Fully Tested Their Breach Response PlansMore than 20% lack a breach response plan altogether, a new survey shows.Nearly 75% of IT security professionals from the retail industry say their companies do not have a fully tested plan to address a security breach, according to a Tripwire report today.
Some 28% of survey respondents do have a fully tested breach plan, while 21% lack a plan altogether, the report notes.
Additionally, 21% of survey respondents say they don’t have the means to notify customers of a data breach within 72 hours of its occurrence. That runs counter to the requirements of the General Data Protection Regulation (GDPR), which in May begins the financial penalty phase for noncompliance. GDPR fines can reach as high as 4% of a company’s revenues.
Only 23% of survey respondents feel fully prepared to incur financial penalties, the survey says. “Considering the amount of high-profile data breaches that have occurred recently, plus the continued discussion around GDPR, it is surprising and concerning that many retailers do not have a tested plan in the event of a security breach,” says Tim Erlin, vice president of product management and strategy at Tripwire, in a statement.
Read more about the survey here.



加强网络安全教育 筑牢保密安全防线 –包头市教育局组织召开网络安全…
网络安全法视频宣传片 第二集 国家网络安全的现状与重要性概述
韩国2018年国防预算同比增7% 增幅创9年来新高