GDPR News, Articles and Updates

GDPR for Dummies: Some final Do's and Don'ts of GDPR

Shane Fuller co-author of the official 'GDPR for Dummies' Guide, advises, ensure you don't misinterpret what is required to become GDPR compliant and don't over-complicate things.

The right to erasure: give a little (data) respect

One of the biggest ways to ensure you are complying not just with the Right to be Forgotten, but all regulation, is putting the data protection at the heart of your company.

Making GDPR work for you - as well as all who do business with you

In the first instance, organisations need to discover which repositories, assets and applications are holding data. The second step is to classify and understand all data in the context of all related business processes.

How cyber-security can embed a sustainable privacy operating model

A risk-based approach to security is central to complying with GDPR. Article 32 requires that the measures taken by organisations must provide a level of security appropriate to the risk.

Phishing campaign aimed at Airbnb guests uses GDPR hook

Hackers are playing off of the impending implementation of GDPR, posing as Airbnb hosts in emails saying victims must accept new privacy policy based on the regulation before further bookings can be made.

GDPR countdown: For the small business

If you own or work at a small business and your firm is a data processor or data controller of private data belonging to European Union citizens, your company will be subject to the General Data Protection Regulation (GDPR).

Will we get a GDPR for the IoT?

Until governments catch up with IoT security standards and regulation the industry needs to establish a commercial IoT security testing standard and share best practices for IoT risk mitigation.

How decentralising data supports GDPR best practice and protects against breaches

By analysing decentralised datasets it's possible for businesses to securely share data and generate insight from one or multiple data sources. Unlike Blockchain, access to the raw data is only given to the data controller.

Looking to reduce GDPR liability, Facebook ports 1.5B non-US users to HQ

In an effort to reduce its liability under Europe's General Data Protection Regulation (GDPR) set to take effect in May, Facebook has transferred responsibility for more than 1.5 billion users in Latin America, Asia, Africa and Australia.

GDPR is just around the corner: what can organisations expect?

Mobile devices are more vulnerable to data leaks, given that they can be lost or stolen and can often result in lost or deleted data; the legal ramifications for this are the same as with any other device under the GDPR

The GDPR conversation needs to be reframed

The first and most vital thing for SMEs is to reframe the way in which they view GDPR. In many ways, the regulations will help companies better their structure, security and awareness of data, which can only be a good thing.

Companies reversing hashed emails for as little as 2.84p per email

Hashed email addresses do not provide any significant protection for consumers as many firms are now offering services that can reverse email hashing to correctly guess consumers' email addresses, security experts warn.

Only 49% of consumers contacted to obtain consent to process their data

Only half of consumers in the UK have so far been contacted by brands asking for consent to keep sending marketing materials, even though fewer than 50 days are left before GDPR comes into force, says a recent study.

ICANN struggles to make WHOIS GDPR compliant without increasing cyber-crime

On 25 May the General Data Protection Regulation (GDPR) will come into effect, and could make the job of incident response a whole lot harder for security researchers.

Top tips to 'spring clean' your data processes and get ready for GDPR

It is vital to keep track of your data by continuously looking out for your data appearing "outside the perimeter," and quickly addressing any leaks - much like having CCTV or a security guard protecting your office and car park.

Top 6 steps for GDPR compliance

Effective 25 May, 2018, the European Union's General Data Protection Regulation, commonly called GDPR, will become not only the law of the land in Europe but across the globe.

Preventing physical security devices becoming a cyber-security headache

Why GDPR may hold the key to ensuring the cyber-security of CCTV and access control technology.

Confusion reigns as GDPR deadline looms - but it's not too late to act

There is a general lack of understanding amongst IT professionals regarding exactly what they needed to change in everyday processes to achieve regulatory compliance (under GDPR).

Is your company a cyber-security 'Tough Mudder?'

There are some difficult obstacles to overcome in the cyber-security tough-mudder challenge, from ransomware and phishing to insider threats and GDPR, but thorough preparation can boost your chances of success.

The privacy wars - individuals ask, where is our data and who has access?

We are seeing a shift in people's perception of how their personal data is collected, stored and used. Large-scale data breaches have raised the level of awareness in the general public, and shone a light on the role of data aggregators.

The data protection goalposts have shifted: has your security strategy moved with them?

It quickly becomes obvious that traditional methods of data security on their own aren't sufficient to provide complete data visibility, but an effective defence strategy must adequately cover all zones in which data can be accessed.

Who will be your organisation's data protection superhero?

The Data Protection Officers required by the new European General Data Protection Regulation can be very difficult to find. But there is a rare breed of cloud providers whose data management skills make them ideal.

SC Congress 2018 Security best practices needed to stay in line with GDPR

It's not enough to do the minimum necessary now with enforcement of new rules less than 100 days away.With GDPR coming into force less than 100 days, organisations need to make sure they are using best practices for security now.

Final Reminder to register and attend SC Congress for FREE on Thursday

SC Congress 2018: Register by 1.0 pm Wednesday 14th to get your FREE day pass on Thursday 15 February, at the ILEC Conference Centre, 47 Lillie Road, London, SW6 1UD.

GDPR and cyber-security: An opportunity that cannot be ignored

Data controllers and processors are required to carefully think about the ways to effectively secure personal data and take all necessary steps in this respect to prevent possible infringements of the Regulation.

Darknet markets worth keeping an eye on - you may see your data for sale

Jamie Bartlett, author of The Dark Net, advises monitoring the darknet markets, both to respond to your own data being sold, but also to protect your reputation if passwords are alleged to come from you following a hack elsewhere.

Data Protection Day: EC issues GDPR guidance

With just under four months to go before the General Data Protection Regulation (GDPR) takes effect, the European Commission (EC) published guidance last wee, meant to help organisations apply the new rules to their businesses.

74% of privacy-immature organisations hit by losses of more than £350,000

Many organisations have been investing in resources and processes to meet GDPR standards ahead of the May deadline according to Cisco's first Privacy Maturity Benchmark Study.

UK businesses far more confident re GDPR than their European counterparts

More than 70 percent of British businesses are confident about their understanding of GDPR and their preparations for the upcoming data security legislation.

Data breach! On winning the reputation game - a question of leadership

Ultimately, responsible handling of data is not about avoiding fines: it is about safeguarding reputation. You can put a price tag on non-compliance with the GDPR, but what price loss of shareholder and customer confidence?