GDPR News, Articles and Updates

Confusion reigns as GDPR deadline looms - but it's not too late to act

There is a general lack of understanding amongst IT professionals regarding exactly what they needed to change in everyday processes to achieve regulatory compliance (under GDPR).

Is your company a cyber-security 'Tough Mudder?'

There are some difficult obstacles to overcome in the cyber-security tough-mudder challenge, from ransomware and phishing to insider threats and GDPR, but thorough preparation can boost your chances of success.

The privacy wars - individuals ask, where is our data and who has access?

We are seeing a shift in people's perception of how their personal data is collected, stored and used. Large-scale data breaches have raised the level of awareness in the general public, and shone a light on the role of data aggregators.

The data protection goalposts have shifted: has your security strategy moved with them?

It quickly becomes obvious that traditional methods of data security on their own aren't sufficient to provide complete data visibility, but an effective defence strategy must adequately cover all zones in which data can be accessed.

Who will be your organisation's data protection superhero?

The Data Protection Officers required by the new European General Data Protection Regulation can be very difficult to find. But there is a rare breed of cloud providers whose data management skills make them ideal.

SC Congress 2018 Security best practices needed to stay in line with GDPR

It's not enough to do the minimum necessary now with enforcement of new rules less than 100 days away.With GDPR coming into force less than 100 days, organisations need to make sure they are using best practices for security now.

Final Reminder to register and attend SC Congress for FREE on Thursday

SC Congress 2018: Register by 1.0 pm Wednesday 14th to get your FREE day pass on Thursday 15 February, at the ILEC Conference Centre, 47 Lillie Road, London, SW6 1UD.

GDPR and cyber-security: An opportunity that cannot be ignored

Data controllers and processors are required to carefully think about the ways to effectively secure personal data and take all necessary steps in this respect to prevent possible infringements of the Regulation.

Darknet markets worth keeping an eye on - you may see your data for sale

Jamie Bartlett, author of The Dark Net, advises monitoring the darknet markets, both to respond to your own data being sold, but also to protect your reputation if passwords are alleged to come from you following a hack elsewhere.

Data Protection Day: EC issues GDPR guidance

With just under four months to go before the General Data Protection Regulation (GDPR) takes effect, the European Commission (EC) published guidance last wee, meant to help organisations apply the new rules to their businesses.

74% of privacy-immature organisations hit by losses of more than £350,000

Many organisations have been investing in resources and processes to meet GDPR standards ahead of the May deadline according to Cisco's first Privacy Maturity Benchmark Study.

UK businesses far more confident re GDPR than their European counterparts

More than 70 percent of British businesses are confident about their understanding of GDPR and their preparations for the upcoming data security legislation.

Data breach! On winning the reputation game - a question of leadership

Ultimately, responsible handling of data is not about avoiding fines: it is about safeguarding reputation. You can put a price tag on non-compliance with the GDPR, but what price loss of shareholder and customer confidence?

Four things you can do right now to prepare for GDPR compliance

Many organisations need to implement technology upgrades and end-to-end protection to assist them in meeting GDPR's data privacy requirements.

The myths and the maths of GDPR

Not everything you thought you knew about GDPR is correct, and a corporate governance approach to GDPR is better than a cyber-security approach says David Froud.

Interview. Amazon Web Services CISO: accelerating business while ensuring security

Late last year SC Media UK finally met someone confident that their organisation is GDPR compliant, ready for the new regulations coming into force in May: Stephen Schmidt, CISO, Amazon Web Services (AWS).

Predictions A - Z for 2018 - Dystopian or Utopian dawn?

Happy New Year! SC Media UK resumes news reporting on 2 Jan 2018. During the break, catch up on our experts' predictions for a range of positive and negative futures, from the impacts of AI to likely new Zero days.

How ISO 27001 can help your organisation meet GDPR requirements

Making use of ISO 27001 can assist an organisation to be GDPR compliant in several key areas and they can then use this certification to demonstrate a level of GDPR compliance.

Prioritising patient care in the age of cyber-crime

In less than six months, the GDPR will transform how organisation are able to use, store and share consumer data. This impacts every industry, but the already heavily-regulated healthcare sector will be hit particularly hard.

IT security for SMEs in 2018 - information overload

SMEs in particular, face a significant challenge to correlate the output from various systems and interfaces. It is therefore important that the right tools are chosen to empower SMEs to meet these challenges says David Feldman.

The General Data Protection Regulation (GDPR) - what you need to know

May 2018 signals a watershed moment for data protection regulation which should be seen an opportunity for greater emphasis to be afforded to information security, and the processes that support this across organisations.

Penalties for Uber's delayed breach notification would be huge under GDPR

If GDPR had been in effect during the latest Uber hack, the ride-sharing company would have faced stiffed consequences - or more promptly revealed the attack that compromised data of 57 million customers and drivers.

Updated: DVLA selling details to parking firms seeking fines criticised

There has been speculation about the impact of incoming GDPR on government schemes that monitise the data of citizens given to them for the delivery of a service, which is then sold on without the data owner's consent.

The three certainties in life: death, taxes and GDPR

As the GDPR clock ticks down to implementation, it is clear that this will not be a non-event like the Millennium Bug - it will happen and there will be dire consequences, potentially company-closures, in the event of non-compliance.

The minimum you need to do before GDPR goes live: 4 stages to compliance

GDPR: It's important to put data intelligence tools in place that will allow you not only to conduct an audit of the data you have collected in the past but also address compliance in the future says Rob Perry.

Regulatory compliance: Are small-to-medium sized businesses ready?

SMBs in the UK with operations or supply chain in the EU need to focus their attention on GDPR and security posture; there is a level of scrutiny around data management that many SMBs are unlikely to have experienced before.

Privacy update: accountability for your data practices. Honesty enforced

GDPR - Process change is just the beginning, but more interestingly we will see new technologies and use-cases being born and blossom that we can't yet imagine says Todd Ruback.

Data protection - are you seeing the big picture? Or swamped in minutiae?

Focus on the big picture of what GDPR and DPB are trying to achieve, and not the minutiae of a document.advises Marco Dos Santos.

Homes and Communities Agency breach reported to ICO

Ahead of GDPR, even minor breaches are now being reported, with the UK government agency, the Homes and Communities agency, notifying the ICO of a limited breach of its information security policy on Monday 9 October.

Equifax breach: lessons ahead of GDPR, be ready to report when it happens

Under GDPR, organisations must notify customers and authorities of a breach within 72 hours of becoming aware of the attack. James Barrett suggests this will transform how breaches are handled, including by companies like Equifax.