GDPR enforcement comes into effect today and the person responsible for overseeing and enforcing its implementation in the UK is Information Commissioner Elizabeth Denham - so its time to learn more about her.
Half of companies surveyed suffered a third-party data breach - Why? One possible answer is that the relative costs of breaches - especially the very high-profile ones - aren't painful enough long-term to prompt a major security overhaul.
In the first instance, organisations need to discover which repositories, assets and applications are holding data. The second step is to classify and understand all data in the context of all related business processes.
Businesses may feel more comfortable with their data stored within their own walls, but private clouds will generally be slower to patch security gaps, leaving them exposed to potential data breaches and compliance holes.
Mobile devices are more vulnerable to data leaks, given that they can be lost or stolen and can often result in lost or deleted data; the legal ramifications for this are the same as with any other device under the GDPR
The first and most vital thing for SMEs is to reframe the way in which they view GDPR. In many ways, the regulations will help companies better their structure, security and awareness of data, which can only be a good thing.
Hashed email addresses do not provide any significant protection for consumers as many firms are now offering services that can reverse email hashing to correctly guess consumers' email addresses, security experts warn.
It is vital to keep track of your data by continuously looking out for your data appearing "outside the perimeter," and quickly addressing any leaks - much like having CCTV or a security guard protecting your office and car park.
A Vanderbilt University researcher is claiming more than 2,100 patient deaths are linked to hospital data breaches each year.
A US federal judge in California Friday ruled Yahoo must face many of the claims brought against it in a lawsuit concerning the massive data breaches affecting three billion users that the company announced in 2016.
We are seeing a shift in people's perception of how their personal data is collected, stored and used. Large-scale data breaches have raised the level of awareness in the general public, and shone a light on the role of data aggregators.
It quickly becomes obvious that traditional methods of data security on their own aren't sufficient to provide complete data visibility, but an effective defence strategy must adequately cover all zones in which data can be accessed.
Companies struggle to understand, let alone quantify, their data risk and exposure. A new approach unites data operators managing and securing data with data consumers who need data to do their job.
As typical with most breaches initially underestimating the overall impact of a cyber-security "incident," the hack of the Massachusetts Department of Revenue in the US was more than twice as large than originally anticipated.
More data and hack case studies should allow professionals to take a step back and place attacks into a broader context, harnessing the power of AI to learn from these breaches.
Data controllers and processors are required to carefully think about the ways to effectively secure personal data and take all necessary steps in this respect to prevent possible infringements of the Regulation.
Having good privacy processes go well beyond GDPR compliance. Organisations which have better privacy maturity experience fewer and less costly breaches of their data, compared with 74 percent of privacy-immature organisations.
Choosing the right NoSQL provider is paramount. Built in security, rather than tacked on as an afterthought, can help take the onus off the developer and may make the difference between being breached or not.
The four main breaches of 2017 had various things in common. No matter how sophisticated the attack, they could all have been avoided. Whether due to a lack of interest, focus, urgency or all three, bad decisions were the key culprit.
Ultimately, responsible handling of data is not about avoiding fines: it is about safeguarding reputation. You can put a price tag on non-compliance with the GDPR, but what price loss of shareholder and customer confidence?
Data breaches often stem from poorly-managed records. By encoding critical information about the records into the files themselves, companies can create a platform for security, efficiency and cost management.
After a year of high-profile cyber-security issues, rounded off by a PayPal data breach that exposed the PII of 1.6 million customers, data security looks set to be at the top of business agendas throughout 2018.
Leaking of the Paradise Papers raises several questions, as it should for all organisations, including Appleby itself, about how you manage, control and report on access to your sensitive data.
Not everything you thought you knew about GDPR is correct, and a corporate governance approach to GDPR is better than a cyber-security approach says David Froud.
Dr Jamie Graves at ZoneFox explains why Chief Data Officers are crucial for future-proofing businesses and winning back the public's trust.
Late last year SC Media UK finally met someone confident that their organisation is GDPR compliant, ready for the new regulations coming into force in May: Stephen Schmidt, CISO, Amazon Web Services (AWS).
In less than six months, the GDPR will transform how organisation are able to use, store and share consumer data. This impacts every industry, but the already heavily-regulated healthcare sector will be hit particularly hard.
70 percent of people say that they would stop doing business with companies following a data breach, but they are about to be engulfed in data breach reality with GDPR breach reporting as under-reporting of breaches is huge.
Learning by doing. If you don't have - and practice - a breach recovery plan, then a simulation exercise can demonstrate why you should have one, identify your weak spots, and encourage you to take action to plug the holes.
Most breaches we become aware of are caused by failure to update software components that are known to be vulnerable for months or even years.