Cyber attacks and data breaches in review: March 2020

With COVID-19 spreading across the globe last month – bringing with it a host of cyber security risks – it would have been easy to fear the worst in terms of cyber attacks and data breaches. But surprisingly, we only found 67 incidents this month, with a total of 832,486,418 affected records – which is only slightly higher than last month’s figures. However, we’re still only in the early … [Read more...]

How to respond to DSARs (data subject access requests) during the COVID-19 pandemic

As organisations adjust to the chaos that the 2019 novel coronavirus (COVID-19) has brought, they are bound to be limited in the business processes they can perform. Among the problems they face is the ability to comply with the GDPR (General Data Protection Regulation) – and in particular to respond to DSARs (data subject access requests). With many employees working from home – and the … [Read more...]

A quick guide to the GDPR’s articles and recitals

There is such a breadth of information online about the GDPR (General Data Protection Regulation) that it can be daunting to find even basic clarifications on its rules and requirements. With this blog, we hope to simplify things, providing quick explanations of the GDPR’s core concepts. For those who want to learn more about each topic, we have links to articles where we’ve discussed the issue in … [Read more...]

What are the security risks of Cloud computing?

Cloud services are an integral part of modern business, with as many as 94% of organisations using them for at least some part of their operations. The reliance on Cloud services will soar in the coming weeks and months, as employees work from home where possible in the fight against the 2019 novel coronavirus pandemic. Separated from the office and local hard drives, employees will be able to use … [Read more...]

What does the GDPR mean for B2B marketing?

Two years after the GDPR (General Data Protection Regulation) took effect, a lot of organisations remain unsure of how to approach compliance. This is especially apparent in B2B marketing, which deals with both business information and personal information. Employees often don’t know which details are subject to the GDPR’s rules and how extensive their data protection practices should be. Let’s … [Read more...]

What’s the difference between information security and cyber security?

Are you confused about the terms ‘information security’ and ‘cyber security’, and why some people use them interchangeably? You’re not alone, as many discussions on data protection and cyber crime overlook the nuances that define the industry. We aim to correct that here, providing a simple explanation of both terms and how they fit into your organisation. What is information security? Information … [Read more...]

What is ethical hacking and how can it protect you against threats?

Ethical hacking has become big business in the cyber security industry, with organisations embracing a seemingly radical approach to data protection. What is ethical hacking? As the name suggests, ethical hacking is an approach to cyber security in which people exploit an organisation’s networks and applications not for malicious purposes but to highlight weaknesses that must be addressed. The … [Read more...]

ISO 27001 and the importance of employees

Anyone familiar with ISO 27001 will know about the three pillars of information security: people, processes and technology. The latter two tend to generate the most attention among managers, because they are the easiest to implement. All you need to do is find an appropriate solution (like anti-malware software or a Cloud services provider), make the purchase and set it up. The people side of … [Read more...]

Cyber attacks and data breaches in review: February 2020

This month has been a mixed bag in terms of cyber security incidents. On the one hand, the 630 million breached records represents a massive drop-off from last month and brings the monthly average back down to about the same level as 2019. However, that total comes from a whopping 106 incidents, which makes February the second leakiest month that we’ve ever recorded. As always, we use this blog to … [Read more...]

The GDPR: Legitimate interest – what is it and when does it apply?

The GDPR (General Data Protection Regulation) outlines six conditions under which organisations can process personal data. Contractual requirements, legal obligations, vital interests and tasks carried out in the public interest are all relatively self-explanatory, leaving consent and legitimate interest to be unpacked in more detail. We’ve covered consent before, so our focus here will … [Read more...]