Businesses large and small are continuing to have sensitive data held at ransom and suffer from cyber security breaches. As a result, millions of individuals’ personal data has been compromised, costing businesses billions. For example, 50 million Facebook user accounts were compromised, FIFA documents were leaked, pointing to serious corruption, and around 380,000 British Airways transactions were breached. In many cases, breaches occur a long time before the target is aware or affected users are notified, meaning a lot of damage is done before the issue can be dealt with. For example, in 2013 and 2014, a suspected 3 billion Yahoo users’ accounts were compromised in a breach that was not reported until 2016. Clear reporting procedures are therefore needed to allow all staff to easily report any cyber attacks or suspicions of a breach.
VinciWorks’ cyber security breaches register
Globally, organisations are bound by complex and ever-changing legal and compliance obligations. Without a structured and secure data collection system, businesses waste time and resources ensuring compliance and uncovering business intelligence. Omnitrack is VinciWorks’ solution to collecting, storing and managing data. It allows managers to be instantly notified of any cyber attacks or concerns, subject access requests, policy or procedure updates, and any compliance concerns or questions surrounding the businesses cyber security.
How does the cyber security register work?
Each organisation can create and customise their own cyber security register and it can be integrated with a business’ GDPR registers. Once rolled out, Omnitrack will allow your entire organisation to report on GDPR through a public form. The register works through our three-step process:
Administrators can easily create a form, as well as customise and add any field. The form is then made public to all employees. Admins can easily add or remove form fields to include location, value and date.
Form submissions are then passed to the inbox where the system administrators can review the forms.
The administrator or manager can now decide what gets added to the register, determine the next course of action and prioritise any risks that they may identify.