Nationwide, the building society, has been heavily fined by the UK's financial regulator for weak data security following the theft from an employee’s home of a laptop containing confidential data of almost 11 million customers. In light of the lax security that made this possible, and the fact that the Nationwide did not start an investigation until three weeks after the theft, the building society was fined £980,000.
The size of this fine should send a clear message not only to banks and building societies but to businesses in all sectors: customer data is a top priority and businesses that fail to put in place appropriate security measures can expect harsh penalties. This is a wake-up call that must be heard, and we will hopefully see many more businesses stepping up their infosecurity compliance as a result.
In addition to our existing expert guides and toolkits, which make ISO 27001 compliance and certification accessible and affordable for most businesses, we are presently working on a new software solution that will simplify matters even further – expect more news at Infosecurity Europe next month.