This year’s Infosecurity Europe will be the first to take place under the new data protection regime brought in by the long-awaited EU GDPR. It’s going to be interesting to see how much coverage the new law gets. I’d wager, more than you’d think, because compliance doesn’t end on 25 May — for many firms, it will only start once the reality of the new legislation hits home. As we were reminded this week by a £120,000 fine handed down to Greenwich University, the regulator will come down hard on organisations that fail on cybersecurity. Continue reading →
The EU General Data Protection Regulation (GDPR) is a lengthy piece of legislation, even by European Commission standards. If nothing else, this drives home just how far-reaching and detailed it is. Yet many organisations currently grappling with compliance find it frustratingly short on some of the most important details. New Trend Micro research has found that confusion over some of the key terms in the legislation could mean many aren’t implementing the right cyber-security technologies to keep them compliant.
Layered security is the only way to ensure maximum threat protection, although we’d also encourage regulators to ease the compliance burden by providing more clarity to organisations. Continue reading →
It’s difficult to even discuss data breaches today without referencing the European General Data Protection Regulation (GDPR). With less than a year to go, it is a major area of focus for UK IT leaders keen to avoid mandatory breach notifications and potentially astronomical fines. Yet breaches aren’t all about the customer data governed by the GDPR, as HBO found out this week. Hackers have reportedly made off with 1.5TB of data from the US TV network, uploading a script from an upcoming Game of Thrones episode and two full episodes.
It’s a good example of why IP theft-related risk should be just as big a driver of improving cybersecurity as attacks targeting customer data. Fortunately, attendees at this year’s much anticipated CLOUDSEC event will have some great learning opportunities designed to help them bolster defences against just such attacks. Continue reading →
All over the UK people woke up this morning to something many thought would not happen: Britain voting to leave the European Union. It will take years and possibly even decades before we fully appreciate the repercussions. But from a data protection and privacy perspective, little in reality will change. The UK can’t afford to let its digital economy be locked out of Europe, which is why the government is likely to enforce laws on a par with the forthcoming European General Data Protection Regulation (GDPR)
The message is clear for UK IT security bosses: stay on the path towards GDPR compliance. Continue reading →