Regulation News, Articles and Updates

Elizabeth Denham - A Profile of the Information Commissioner

GDPR enforcement comes into effect today and the person responsible for overseeing and enforcing its implementation in the UK is Information Commissioner Elizabeth Denham - so it's time to learn more about her.

GDPR compliance: organisations realising DNS is the key

Research on 1,000 global businesses just prior to today's GDPR implementation showed nearly three quarters of businesses are close to being fully compliant with new data regulations, and identify positive benefits of compliance.

GDPR compliance rush arrives - sites close, Google, Facebook face lawsuits

GDPR has been in play for less than 24 hours and several lawsuits have already been filed in the EU against Facebook and Google claiming each is not abiding by the new privacy regulations.

GDPR comes into effect today: fines will be levied

Most companies globally don't think they risk being fined, even though most are not ready for GDPR - but if they have a change of heart there are actions they can still take.

UK government's IoT best practices are necessary, but insufficient

Prior to 'Secure by Design', IoT security problems were largely ignored by governments, leaving little beyond the good graces of manufacturers and the security sense of users to bolster IoT security.

GDPR for Dummies: Some final Do's and Don'ts of GDPR

Shane Fuller, co-author of the official 'GDPR for Dummies' Guide, advises: ensure you don't misinterpret what is required to become GDPR compliant, and don't over-complicate things.

ISO to introduce privacy standards for consumer goods

The ISO has brought together a team of privacy experts to develop the first set of preventative international guidelines to ensure consumer privacy is embedded into the design of a product or service.

Making GDPR work for you - as well as all who do business with you

In the first instance, organisations need to discover which repositories, assets and applications are holding data. The second step is to classify and understand all data in the context of all related business processes.

Will we get a GDPR for the IoT?

Until governments catch up with IoT security standards and regulation, the industry needs to establish a commercial IoT security testing standard and share best practices for IoT risk mitigation.

At least 432 UK businesses to be affected by NIS cyber-security regulation

Compliance with new NIS (network and information systems) regulations that come into force next month could cost large essential service providers around £278,000 each.

Private vs. public cloud and the compliance conundrum

Businesses may feel more comfortable with their data stored within their own walls, but private clouds will generally be slower to patch security gaps, leaving them exposed to potential data breaches and compliance holes.

The GDPR conversation needs to be reframed

The first and most vital thing for SMEs is to reframe the way in which they view GDPR. In many ways, the regulations will help companies better their structure, security and awareness of data, which can only be a good thing.

Bringing cryptocurrency to the front line: Who, what & why?

The stand-out arguments for regulatory intervention in cryptocurrencies are greater consumer protection and more effective financial crime prevention. But do they want the benefits and responsibilities of official recognition?

Only 49% of consumers contacted to obtain consent to process their data

Only half of consumers in the UK have so far been contacted by brands asking for consent to keep sending marketing materials, even though fewer than 50 days are left before GDPR comes into force, says a recent study.

Top tips to 'spring clean' your data processes and get ready for GDPR

It is vital to keep track of your data by continuously looking out for your data appearing "outside the perimeter," and quickly addressing any leaks - much like having CCTV or a security guard protecting your office and car park.

Preventing physical security devices becoming a cyber-security headache

Why GDPR may hold the key to ensuring the cyber-security of CCTV and access control technology.

Government calls for revamp in IoT security; will manufacturers listen?

Government plans for IoT security welcomed but also criticised as being only a set of advisories and recommendations which do not include watertight regulations around credentials and authentication.

The four issues impacting IoT security

If devices are shipped with the low-hanging fruit problems removed, security becomes a consumer requirement, which will lead hardware vendors to guarantee a baseline level of security.

Implementing the Network & Information Security directive - be prepared

There is enough information now available from the NCSC to allow organisations to start identifying the gaps in their NIS directive approach and understand the risks these pose.

Apple's China-based iCloud data centre raises privacy, human rights fears

Human rights activists are concerned that the Chinese government's regulation requiring that Apple host its citizens' iCloud accounts on servers in China could make it easier for that nation to track down dissenters.

Final Reminder to register and attend SC Congress for FREE on Thursday

SC Congress 2018: Register by 1.0 pm Wednesday 14th to get your FREE day pass on Thursday 15 February, at the ILEC Conference Centre, 47 Lillie Road, London, SW6 1UD.

GDPR and cyber-security: An opportunity that cannot be ignored

Data controllers and processors are required to carefully think about the ways to effectively secure personal data and take all necessary steps in this respect to prevent possible infringements of the Regulation.

Critical infrastructure security - getting to grips with EU NIS Directive

EU NIS Directive: As the implementation of the first true piece of cyber-security legislation draws near, Jalal Bouhdada discusses its potential impact on 'operators of essential services'.

Data breach! On winning the reputation game - a question of leadership

Ultimately, responsible handling of data is not about avoiding fines: it is about safeguarding reputation. You can put a price tag on non-compliance with the GDPR, but what price loss of shareholder and customer confidence?

Four things you can do right now to prepare for GDPR compliance

Many organisations need to implement technology upgrades and end-to-end protection to assist them in meeting GDPR's data privacy requirements.

The myths and the maths of GDPR

Not everything you thought you knew about GDPR is correct, and a corporate governance approach to GDPR is better than a cyber-security approach, says David Froud.

Interview. Amazon Web Services CISO: accelerating business while ensuring security

Late last year SC Media UK finally met someone confident that their organisation is GDPR compliant, ready for the new regulations coming into force in May: Stephen Schmidt, CISO, Amazon Web Services (AWS).

How ISO 27001 can help your organisation meet GDPR requirements

Making use of ISO 27001 can assist an organisation to be GDPR compliant in several key areas and they can then use this certification to demonstrate a level of GDPR compliance.

US FCC to repeal net neutrality, could increase cyber-security threats

The commission decided today to repeal the regulations put in place under the Obama administration, prompting criticism that the move would not only choke freedom but would compromise security and privacy.

The General Data Protection Regulation (GDPR) - what you need to know

May 2018 signals a watershed moment for data protection regulation which should be seen as an opportunity for greater emphasis to be afforded to information security, and the processes that support this across organisations.