Category Archives: Data protection

UK Data Protection Bill: No Turning Back Now for GDPR Compliance

by Bharat Mistry

The UK government this week introduced its Data Protection Bill, ending months of speculation over just how committed it was to preserving the country’s fast-growing digital economy. If passed, the new legislation will write into UK law the EU General Data Protection Regulation. The good news is, UK IT and business leaders finally have clarity over the future: the GDPR will still apply post-Brexit. The bad news: there’s little more than nine months before the new regulation comes into force.

That’s why we’ve devoted plenty of time to focus on data protection issues at our upcoming CLOUDSEC conference in London next month. It promises to be a must-see event for any IT decision makers still struggling to comply with the sweeping new laws. Continue reading

CLOUDSEC 2017: Game of Thrones Hack Tells Us IP Theft is Still a Major Risk

by Ross Dyer

It’s difficult to even discuss data breaches today without referencing the European General Data Protection Regulation (GDPR). With less than a year to go, it is a major area of focus for UK IT leaders keen to avoid mandatory breach notifications and potentially astronomical fines. Yet breaches aren’t all about the customer data governed by the GDPR, as HBO found out this week. Hackers have reportedly made off with 1.5TB of data from the US TV network, uploading a script from an upcoming Game of Thrones episode and two full episodes.

It’s a good example of why IP theft-related risk should be just as big a driver of improving cybersecurity as attacks targeting customer data. Fortunately, attendees at this year’s much anticipated CLOUDSEC event will have some great learning opportunities designed to help them bolster defences against just such attacks. Continue reading

Leading Law Enforcers Set to Speak at CLOUDSEC 2017 Following Major Darknet Takedowns

by Bharat Mistry

Cybercrime remains largely unique: it is without borders and offers perpetrators a great degree of anonymity, meaning most escape justice. But that’s changing, as some excellent policing work in recent days has shown. The takedown of two of the world’s biggest darknet marketplaces, AlphaBay and Hansa, illustrated what can be achieved when law enforcers work effectively with each other across borders.

Yet despite these successes, cross-border collaboration and public-private sector initiatives are still relatively new. That’s why we’ve invited representatives from the FBI, GCHQ, and Interpol to share their experiences at Trend Micro’s upcoming CLOUDSEC 2017 conference in September. Continue reading

AA Fiasco Highlights Importance of an Effective Incident Response Plan

by Simon Edwards

Security experts have for years been urging organisations to adopt a data breach posture of “not if but when”, and to develop and test incident response plans accordingly. With sweeping new EU regulations coming into force early next year, those plans have never been more important. For those CISOs looking for a real-world example of what can happen when things go awry, look no further than the cautionary tale of automobile giant the AA. Continue reading