Government invites further participation in the development of Digital Identities and Attributes Trust Framework
Tuesday, August 10, 2021
The cost of a data breach has risen by almost 10 percent, compared to last year - the greatest spike since 2015 - according to a new report from Atlas VPN. The study reveals that the average cost of addressing a data breach now sits as $4.24 million, a rise of close to $1 million over seven years.
Predictably, there are industry differences, as well as geographical ones. Companies in the US usually pay the most ($9.03 million on average), followed by companies in the Middle East, each losing $6.93 million per incident.
When it comes to industries, the report reveals that healthcare is the worst with average per incident losses of $9.23 million, followed by financial, pharma, technology and energy.
The study also found that as many as 44 per cent of records stolen included some kind of personally identifiable information (PII). Examples of this information include email address, full name, driver’s license number, bank account number, passport number, medical records and in some cases for people that have passed away, date of death. As a result of the global pandemic the number of incidences of deceased identity fraud is growing, where fraudsters steal the identity of someone that has passed away and use it to secure credit and open bogus accounts. And in fact, identity theft of all types is also on the rise, according to the latest data from Cifas.
As a result, in the UK it is recognised by the government that it is increasingly important in this digital age to be able to establish trust, particularly online. This is to be the foundation that thriving markets are built on. Having an agreed digital identity that can be used easily and universally will be the cornerstone of future economies. In February this year the first version of the Digital Identities and Attributes Trust Framework was published. The aim is to create a set of rules, standards, and a governance structure that all organisations involved in creating, using, and managing digital identities agree to follow. Now, six months later the Alpha 2 version has been published and once again the government is inviting industry participation. The consultation is open for responses until 13 September. Version 2 has been expanded to detail the approach to certification; clarifies the intention for roles and relationships; and is better adapted to the needs of different services and use cases.
For more information please visit https://www.gov.uk/government/publications/uk-digital-identity-attributes-trust-framework-updated-version/uk-digital-identity-and-attributes-trust-framework-alpha-version-2