Data Security Challenges in Today's World
In a TASS press conference titled "Data Leaks as a Socio-Economic Problem," Mikhail Smirnov from the CIRCON Group revealed some eye-opening findings. According to a study conducted by BISA and InfoWatch Group, a staggering 53% of business reps view data leakage as a significant issue, with another 14% considering it extremely critical. The study identified personal data loss, payment info leaks, and commercial secret exposures as the most damaging.
Smirnov highlighted that data leaks are not just an economic issue but a social concern affecting both businesses and consumers. The hardest-hit sectors include retail, telecoms, government, media, and tourism, among others.
Nikita Kislitsyn, F6's technical director, emphasized the severity of the threats. This year alone, nearly 100 million personal data records have been exposed, suggesting that the cumulative leaks over the years likely affect almost every economically active citizen. Kislitsyn points out that large online stores, which collect vast amounts of personal data but invest insufficiently in protection, are often the culprits.
No comment was received from Ozon and Wildberries regarding this issue. Miloš Vagner, deputy head of Roskomnadzor, urges businesses collecting large amounts of data to concentrate their efforts on combating leaks. He questions the need to store all this data and reminds businesses of the requirement to delete data once it's no longer needed. Vagner also warned of increasing interest in personal data from both competitors and cybercriminals.
On May 30, a new law was enforced that introduces reverse fines for severe personal data leaks. The law increases liability for legal entities from 150,000 to 300,000 rubles, and offers criminal penalties for creating websites or pages for illegal data storage and transfer, punishable by up to 5 years in prison. Unauthorized data usage, transfer, collection, and storage can lead to 4 years in prison. In cases of grave consequences or organized groups, the penalty can be up to 10 years in prison.
The law also imposes liability for not reporting the start of personal data processing and for hiding information about leaks from RKN. "I call on 75% of respondents who have yet to comply with their obligation to report by May 30," said Vagner.
InfoWatch reports that 7% of companies are unaware of legal changes, and another 21% consider these changes unimportant. However, many businesses have taken the changes seriously, planning to educate their employees and prepare for additional checks. InfoWatch President Natalia Kasperская noted that 45% of businesses have leaders and employees who don't understand information security is a problem for the entire staff. Furthermore, 14% of respondents said that their colleagues need to be instructed on the importance of information security, and 17% of respondents believe that new technologies for information protection are essential for improved work.
A recent comment from Wildberries & Russ's press service stated that the company hasn't experienced any data leaks and that they make every effort to secure buyers' and sellers' data, minimizing its processing to maintain maximum security and confidentiality. The company also follows the principle of "interactive transparency," increasing the cyber-awareness of their users and partners.
- Mikhail Smirnov, from the CIRCON Group, stated that data leaks are not just an economic issue but a social concern affecting both businesses and consumers.
- The study conducted by BISA and InfoWatch Group identified certain sectors as the hardest-hit by data leaks, including retail, telecoms, government, media, and tourism.
- InfoWatch President Natalia Kasperская noted that 45% of businesses have leaders and employees who don't understand that information security is a problem for the entire staff.
- The law enforced on May 30 introduces reverse fines for severe personal data leaks and offers criminal penalties for unauthorized data usage, transfer, collection, and storage, which can lead to up to 10 years in prison.
