dcsimg

Swedish Data Inspectorate completes first GDPR Reviews

400 organisations and public authorities have been audited by the Swedish Data Inspectorate in its first review, to ascertain whether a DPO (data protection officer) has been appointed where required. The review showed deficiencies in nearly 25% of the organisations and authorities selected. Under the GDPR (General Data Protection Regulation), all public authorities and certain organisations are … [Read more...]

Get #BreachReady before you get burnt!

Just because everyone else is on holiday, doesn’t mean cyber attackers are. Protect yourself from the financial penalties and losses associated with data breaches with our fixed-price, tailored services. What’s more, when reporting the breach you’ll need to explain how it could have been avoided – a sticky situation you won’t relish. You can’t prevent a cyber attack from the beach, so get ready … [Read more...]

How to respond to a data breach

Under the EU GDPR (General Data Protection Regulation), organisations must report personal data breaches to their supervisory authority within 72 hours of discovering or becoming aware of it. You might think that’s an impossibly short deadline, but don’t fear, you’re not expected to provide a comprehensive report at this stage. The process is simply to ensure that organisations are aware of … [Read more...]

CEOs the worst offenders when it comes to email security

Nearly 60% of organisations will fall victim to an email-based attack this year, and there’s a good chance the guilty party will be the CEO, according to Mimecast’s The State of Email Security 2018. According to the report, 37% of respondents said their organisation’s CEO is a “weak link” in their cyber security programme. Evidence backs this up: Mimecast found that 31% of C-level employees had … [Read more...]

Finding the right candidate to be your DPO

Complying with the EU GDPR (General Data Protection Regulation) is mostly about hard work and organisation, but there’s also a little bit of luck involved – at least when it comes to appointing a DPO (data protection officer). The position, which is mandatory for many organisations under the GDPR, has caused a massive spike in demand for data protection experts. Unless the perfect candidate falls … [Read more...]

Norwegian study finds Google and Facebook manipulate users to share data despite GDPR

A recent study by the Norwegian government has found that Facebook and Google push users to share private information by using “invasive” and limited default options. The Norwegian Consumer Council’s Deceived By Design report suggests that the tech giants’ privacy updates clash with the new GDPR (General Data Protection Regulation). In a statement, the council’s director of digital services, … [Read more...]

Swedish Data Inspectorate begins first reviews under the GDPR

  The Data Inspectorate of Sweden has begun its first reviews under the GDPR (General Data Protection Regulation) to ascertain whether authorities and companies that are obliged to appoint a DPO (data protection officer) have done so. Those being examined operate in the private healthcare, insurance and financial sectors. Jonas Agnvall, a lawyer at the Data Inspectorate who is heading the … [Read more...]

Top tips for writing a GDPR-compliant privacy policy

After this past week, in which your inboxes were no doubt overloaded with emails about updated privacy policies, you might want a long break from those two words. But if your organisation didn’t contribute to the plethora of privacy policy epistles, you’re going to be stuck thinking about them a little longer. Organisations are required to update their privacy policy and share it with data … [Read more...]

1 in 8 cyber attacks successful in Denmark

A recent survey by the Danish Society of Engineers’ IT subsidiary, IDA-it, concluded that two thirds of businesses had experienced a cyber attack, and that up to one in eight cyber attacks carried out against Danish organisations are successful. IDA-it surveyed people working in IT or personal data related roles in the public and private sector. Kåre Løvgren, IDA-it’s chairperson, said that … [Read more...]

Danish rail network DSB hit by cyber attack

DSB, the Danish state rail operator, was hit by a distributed denial-of-service (DDoS) cyber attack on Sunday, April 13. A DDoS attack attempts to disrupt a host or network from connecting to the Internet in order to render a network or machines unavailable. It meant that passengers were unable to buy tickets on Sunday, and purchases through DSB’s ticket machines, app, website and retail stores … [Read more...]