Category Archives: Privacy

CNI Firms: Layer Up Security to Help Meet NIS Directive Obligations

by Bharat Mistry

There’s a major new piece of EU cybersecurity-related legislation landing in May, but it might not be the one you’re thinking of. Most UK organisations have their eyes firmly focused on the General Data Protection Regulation (GDPR). But arguably just as important for companies operating in critical infrastructure sectors is the new Security of Network and Information Systems (NIS) Directive. It introduces a range of best practice security steps which organisations must follow: fail to do so and you could face a GDPR-sized fine of up to £17m.

The government has already committed to transposing the directive into UK law irrespective of Brexit. With a 10 May deadline looming, the clock is ticking.

Elephant in the Boardroom: UK Firms Lack GDPR Compliance Leadership

by Bharat Mistry

The EU General Data Protection Regulation (GDPR) is one of the most important and far-reaching pieces of legislation ever to come out of Brussels. That’s part of the reason so much has already been written about it. But before you reach GDPR-saturation point, consider new findings from a comprehensive new Trend Micro study which has revealed a worrying lack of leadership from senior executives when it comes to compliance efforts.

More concerning still, three-quarters (73%) of UK IT bosses we spoke to weren’t even aware of the potentially huge fines in store for non-compliance. With a 25 May 2018 deadline fast-approaching, time is running out.

UK Data Protection Bill: No Turning Back Now for GDPR Compliance

by Bharat Mistry

The UK government this week introduced its Data Protection Bill, ending months of speculation over just how committed it was to preserving the country’s fast-growing digital economy. If passed, the new legislation will write into UK law the EU General Data Protection Regulation. The good news is, UK IT and business leaders finally have clarity over the future: the GDPR will still apply post-Brexit. The bad news: there’s little more than nine months before the new regulation comes into force.

That’s why we’ve devoted plenty of time to focus on data protection issues at our upcoming CLOUDSEC conference in London next month. It promises to be a must-see event for any IT decision makers still struggling to comply with the sweeping new laws.

Layered Protection: The Only Cure for the Ransomware Epidemic

by Raimund Genes

What’s the number one challenge facing CISOs today? It’s not compliance, budgetary concerns, securing cloud computing or even data breaches – as important as all of these issues are. It’s ransomware. Every day there seems to be a new outbreak. The latest is a double-edged attack campaign apparently combining ransomware and DDoS. But while many cybercriminals are keen to exploit your organisation’s weakest point – its users – via web and email channels, some are looking to attack other parts of the IT infrastructure such as the network and servers.

That’s why CISOs need to ensure their organisation implements layered protection covering all possible weak points. It’s the only way to ensure you stand the maximum chance of avoiding ransomware infection.