GDPR News, Articles and Updates

IT security for SMEs in 2018 - information overload

SMEs in particular, face a significant challenge to correlate the output from various systems and interfaces. It is therefore important that the right tools are chosen to empower SMEs to meet these challenges says David Feldman.

The General Data Protection Regulation (GDPR) - what you need to know

May 2018 signals a watershed moment for data protection regulation which should be seen an opportunity for greater emphasis to be afforded to information security, and the processes that support this across organisations.

Penalties for Uber's delayed breach notification would be huge under GDPR

If GDPR had been in effect during the latest Uber hack, the ride-sharing company would have faced stiffed consequences - or more promptly revealed the attack that compromised data of 57 million customers and drivers.

Updated: DVLA selling details to parking firms seeking fines criticised

There has been speculation about the impact of incoming GDPR on government schemes that monitise the data of citizens given to them for the delivery of a service, which is then sold on without the data owner's consent.

The three certainties in life: death, taxes and GDPR

As the GDPR clock ticks down to implementation, it is clear that this will not be a non-event like the Millennium Bug - it will happen and there will be dire consequences, potentially company-closures, in the event of non-compliance.

The minimum you need to do before GDPR goes live: 4 stages to compliance

GDPR: It's important to put data intelligence tools in place that will allow you not only to conduct an audit of the data you have collected in the past but also address compliance in the future says Rob Perry.

Regulatory compliance: Are small-to-medium sized businesses ready?

SMBs in the UK with operations or supply chain in the EU need to focus their attention on GDPR and security posture; there is a level of scrutiny around data management that many SMBs are unlikely to have experienced before.

Privacy update: accountability for your data practices. Honesty enforced

GDPR - Process change is just the beginning, but more interestingly we will see new technologies and use-cases being born and blossom that we can't yet imagine says Todd Ruback.

Data protection - are you seeing the big picture? Or swamped in minutiae?

Focus on the big picture of what GDPR and DPB are trying to achieve, and not the minutiae of a document.advises Marco Dos Santos.

Homes and Communities Agency breach reported to ICO

Ahead of GDPR, even minor breaches are now being reported, with the UK government agency, the Homes and Communities agency, notifying the ICO of a limited breach of its information security policy on Monday 9 October.

Equifax breach: lessons ahead of GDPR, be ready to report when it happens

Under GDPR, organisations must notify customers and authorities of a breach within 72 hours of becoming aware of the attack. James Barrett suggests this will transform how breaches are handled, including by companies like Equifax.

Don't be tomorrow's news - use machine data to protect PII pre-GDPR

Using machine data to monitor staff behaviours can identify potential PII breaches before they happen and avoid the huge fines that would follow once GDPR comes into effect says Matthias Maier

IP Expo: GDPR - "All of us will carry a quantum of illegality"

GDPR is built on the assumption that people are better prepared than they are, so we will fail to comply, therefore take a risk-based approach and focus on the things that matter.

How do we reconcile the open source security risk with GDPR best practice?

GDPR calls for a documented, systematic approach to evaluating your security measures - including how you patch, but patching Open Source code has its own problems explains Matthew Jacobs and Daniel Hedley.

ISF guide walks through prep and implementation of GDPR compliance program

The Information Security Forum (ISF) has released the GDPR Implementation Guide, which offers organisations a two-phase walkthrough to prepare for and implement a GDPR compliance programme.

How the next cyber breach could cost you 4% of revenues: Defensive options

Itay Glick runs through some of the protections and their effectiveness against becoming not just the victim of a data breach, but also an early casualty of swinging GDPR fines.

Cracking the GDPR compliance conundrum in local government

Before you start looking at GDPR you need to understand what PII data you have, where it is, who has access, who it is shared with, and ultimately, how you can best manage it according to GDPR requirements says Julian Cook.

Coming, ready or not: The cost of GDPR non-compliance

Implementation of GDPR could potentially spell the end of almost one in five European businesses says Petter Nordwall, particularly if regulators come out swinging and impose maximum fines for data breaches.

Protecting the cloud - a GDPR issue that can't simply be outsourced

With increasing reliance on cloud applications, businesses must start taking the issue of security in the cloud seriously. They must start asking the right questions about the service providers they are looking at says Joe Pindar

Protecting your network hive: 4 security trends you need to know about

In our connected society, securing the network "hive" is very much a team effort. Only by assessing and defining the landscape in the first instance can a successful security strategy be put in place says Russell Crampin

CeX data breach - up to 2 million hit - and at risk of future scams

Today second hand games and electronics store CeX reported that it had been the victim of a massive data breach, issuing a statement to customers saying, "We have recently been subject to an online security breach."

ICYMI: Skills gap? Mirai; GDPR; £14.5m centre; ApplePay vulnerable

In Case You Missed It: Skills gap real? Mirai hits DT; GDPR ignored; £14.5m cyber-centre; ApplePay vulnerable to two threats

Think you're GDPR compliant? Veritas research says you probably aren't

New research from Veritas says only two percent of organisations actually appear to be in compliance with the GDPR, revealing a distinct misunderstanding over regulation readiness.

Majority of UK boards neglecting GDPR while retail suffers breaches

Companies are likely to be closed down by swinging EU penalty fines next year given the failure of the C-Suite to prepare for GDPR despite rising breaches in the retail sector.

Getting to grips with your data in the face of the EU GDPR

Richard Whomes looks at how companies must ensure that they can access and view data across the entire IT estate, to comply with the EU GDPR.

Bridging the Gap of Grief with Business-Driven Security

Riashmi Knowles discusses how communication, or lack of, is the blight of the security industry.

House of Lords to report on post-Brexit GDPR, Germany first to enact GDPR

The GDPR klaxon rings: Germany becomes the first country to pass the GDPR through its legislative process, as Lords in the UK release a report on what post-Brexit GDPR will look like.

Don't fear GDPR - it's the key to create a culture of secure IT

Gordon Morrison discusses how GDPR is a once in a lifetime opportunity to overhaul cyber processes.

Cyber-security in supply chains - key to meeting GDPR challenges

Steven Kenny discusses why cyber-security across the entire supply chain is key for organisations in ensuring GDPR challenges are met.