With one month to go until the GDPR compliance deadline, many organisations are still struggling to get the right security processes and controls in place. A new global poll of senior legal officers from KPMG found that over half (54%) feel their business is not prepared for the new privacy laws. Yet it doesn’t have to be this way. The biggest challenge with regulations like GDPR has been interpretation, not only for the organisation but also for the certifying body. In the case of GDPR, the requirements are written in legal terms as opposed to technological ones, making it challenging to know exactly what needs to be done in order to be compliant. Proven frameworks such as NIST 800-53 can support a solid information security programme to help appease regulators.
Did you know it’s Safer Internet Day today? The global awareness-raising event plays an important role in promoting mutual respect online and the responsible use of technology. The latest research released to coincide with the event highlights perfectly the light and shade of the internet world. Some 40% of 8-17-year-olds said they’ve felt worried or anxious online in the past week, but on the other hand, 83% said they’ve experienced kindness on the internet over the past year.
At Trend Micro, we’re busy all week with a range of activities designed to promote the positive, while raising awareness of the dangers facing young people online.
The EU General Data Protection Regulation (GDPR) is a lengthy piece of legislation, even by European Commission standards. If nothing else, this drives home just how far-reaching and detailed it is. Yet many organisations currently grappling with compliance find it frustratingly short on some of the most important details. New Trend Micro research has found that confusion over some of the key terms in the legislation could mean many aren’t implementing the right cyber-security technologies to keep them compliant.
Layered security is the only way to ensure maximum threat protection, although we’d also encourage regulators to ease the compliance burden by providing more clarity to organisations.
The US regulator, the Food and Drug Administration (FDA), has just released new security guidance for medical device manufacturers as part of a major push to improve information security in the healthcare sector there. With its recommendations to follow industry frameworks like NIST, improve information sharing and adopt best practices around vulnerability disclosures, it’s a long overdue and positive step from the agency. So what of the UK’s healthcare sector?
With the EU General Data Protection Regulation (GDPR) fast approaching, I’m afraid to say things are still far from where they should be. Healthcare is by a country mile the worst offender when it comes to data security incidents. It’s time that changed.