dcsimg

Snapchat releases details of its GDPR compliance measures

Snapchat has announced changes to its privacy policy and user settings as it prepares for the EU General Data Protection Regulation (GDPR), which takes effect on 25 May 2018. Many organisations have downplayed the requisite changes as ‘tweaks’ to their policies, but Snapchat has made a point of emphasising its widespread alterations. The most significant revelation is that, unlike rival messaging … [Read more...]

Danish rail network DSB hit by cyber attack

DSB, the Danish state rail operator, was hit by a distributed denial-of-service (DDoS) cyber attack on Sunday, April 13. A DDoS attack attempts to disrupt a host or network from connecting to the Internet in order to render a network or machines unavailable. It meant that passengers were unable to buy tickets on Sunday, and purchases through DSB’s ticket machines, app, website and retail stores … [Read more...]

9 steps to implementing ISO 27001

There are many reasons to adopt ISO 27001, the international standard that describes best practice for an information security management system (ISMS). It helps organisations improve their security, comply with cyber security regulations, and protect and enhance their reputation. But implementing the Standard takes a lot of time and effort. That should be obvious, at least if you believe the … [Read more...]

The GDPR: What you need to know about DPIAs

Article 35 of the EU General Data Protection Regulation (GDPR) introduces the concept of data protection impact assessments (DPIAs). DPIAs help organisations identify and minimise privacy risks in data processing activities. They are essential if you process any high-risk data, but they are also relevant when you are introducing a new data collection process, system or technology. An effective … [Read more...]

How to create a strong password

“My password was hacked”: it’s the go-to excuse for people who post something regrettable on social media. Numerous celebrities, famous athletes and politicians have attempted to negate scandals by framing themselves as victims of a cyber attack. Perhaps some of them were telling the truth, but they’re hardly admonishing themselves of blame by admitting to being – or pretending to be – so bad at … [Read more...]

The GDPR and Brexit

In less than a month from now, the General Data Protection Regulation (GDPR) comes into force across the EU. It is expected that businesses and charities across Ireland have taken the necessary measures, such as preparing new policies, appointing chief information security officers, restricting IT admin rights and installing firewalls and controls over company-owned devices, to ensure compliance … [Read more...]

How to spot a phishing attack

Phishing is one of the biggest threats that individuals and organisations face, but do you know what they are, what they look like, and where to look for them? In the broadest sense, phishing is any attempt to pose as a trustworthy source in order to get people to hand over personal information. Phishing usually takes the form of mass emails sent to hundreds or thousands of people, criminals can … [Read more...]

Pseudonymisation is the GDPR’s “escape hatch”

If you’ve been reading about the EU General Data Protection Regulation (GDPR), you probably know that massive changes to the way organisations collect personal data will soon be made. The days of stashing away as much data as possible and using it as and when the need arises are gone, as the Regulation mandates that information can only be collected if it meets certain lawful bases. But this … [Read more...]

The challenges facing companies in the lead up to GDPR – A consultant’s perspective

Sharon O’Reilly, GRC/GDPR consultant at IT Governance Europe, was interviewed by The Sunday Business Post before her appearance today at the GDPR Summit. She discussed the challenges facing organisations in the lead up to the General Data Protection Regulation (GDPR).  According to Sharon, these challenges include:  Finding/sourcing the right people to drive compliance programmes;  Determining … [Read more...]

12 questions to ask your CISO

With the rise in cyber attacks and increased risk of a data breach, organisation boards are under increased pressure than ever to improve data governance and security. To help organisations ensure that all areas of cyber security are covered, IT Governance’s team of cyber security experts have examined the top 12 questions that you need to ask your CISO. Download this free brochure to … [Read more...]