
So you’ve suffered a data breach? What to do next

It’s an announcement no information security specialist wants to make: the organisation has suffered a data breach. The breach is bad enough, but now everyone in the office is panicking. Some will grumble about how they’re going to miss deadlines, others will frantically wonder whether they’re responsible for the breach and a few will probably blame the InfoSec professional for not doing their job … [Read more...]

Start your GDPR training today!

The GDPR provides a single, harmonised data privacy law for the EU. It aims to prevent the loss of personal data by improving data security for all individuals living in EU member states. The GDPR came into force on 25 May 2018, and organisations that fail to comply face fines of up to €20 million, or 4% of global annual turnover – whichever is greater. Many organisations are struggling to fill a … [Read more...]

Are you ready for a data breach?

A new report has suggested that most SMEs (small and medium enterprises) don’t have anywhere near the estimated €102,000 it costs to respond to a data breach. InsuranceBee’s survey found that 83% of respondents had no money reserved to get back to normal following a cyber security incident, and 25% were unaware that it would even cost money to put things right. Breaches are … [Read more...]

43% of people plan to remove their personal data from social media

If you look someone up on Facebook or LinkedIn, you’ll be able to gather huge amounts of information about them without them ever knowing. Until recently, nobody seemed to think about the risks involved; it was just the way things were, and if you didn’t get on board, you were left out from a whole virtual world.  But thanks to the recent Facebook data scandal and the introduction of the EU GDPR … [Read more...]

Why you should be worried about your partners’ GDPR compliance posture

The EU GDPR (General Data Protection Regulation) came into effect three months ago, and a lot of organisations are starting to feel happy about their compliance posture. They are less happy, however, with the practices of their suppliers and service providers.  Under the GDPR, organisations must ensure that personal information that they’ve obtained remains secure – even when it is shared with … [Read more...]

Two thirds of organisations aren’t GDPR-compliant

A survey has revealed that organisations across Europe still aren’t compliant with the EU GDPR (General Data Protection Regulation), even though the Regulation came into effect three months ago.  Only 34.5% of respondents to Deloitte’s study said they could demonstrate compliance with the GDPR. Another 32.7% hope to be ready by the end of 2018, and 11.7% said they are taking a ‘wait-and-see’ … [Read more...]

How to respond to a data breach

Under the EU GDPR (General Data Protection Regulation), organisations must report personal data breaches to their supervisory authority within 72 hours of discovering or becoming aware of them. You might think that’s an impossibly short deadline, but don’t fear, you’re not expected to provide a comprehensive report at this stage. The process is simply to ensure that organisations are aware of … [Read more...]

Finding the right candidate to be your DPO

Complying with the EU GDPR (General Data Protection Regulation) is mostly about hard work and organisation, but there’s also a little bit of luck involved – at least when it comes to appointing a DPO (data protection officer). The position, which is mandatory for many organisations under the GDPR, has caused a massive spike in demand for data protection experts. Unless the perfect candidate falls … [Read more...]

Norwegian study finds Google and Facebook manipulate users to share data despite GDPR

A recent study by the Norwegian government has found that Facebook and Google push users to share private information by using “invasive” and limited default options. The Norwegian Consumer Council’s Deceived By Design report suggests that the tech giants’ privacy updates clash with the new GDPR (General Data Protection Regulation). In a statement, the council’s director of digital services, … [Read more...]

Swedish Data Inspectorate begins first reviews under the GDPR

The Data Inspectorate of Sweden has begun its first reviews under the GDPR (General Data Protection Regulation) to ascertain whether authorities and companies that are obliged to appoint a DPO (data protection officer) have done so. Those being examined operate in the private healthcare, insurance and financial sectors. Jonas Agnvall, a lawyer at the Data Inspectorate who is heading the … [Read more...]