dcsimg

‘We need bigger cyber security budgets’, organisations say in new survey

Organisations need to invest more money into cyber security defences if they are to fight back against the growing threat of data breaches, an Ernst & Young survey has found.  According to the professional services firm’s Global Information Security Survey 2018–19, 87% of respondents said they don’t have the budget to deal with … [Read more...]

What are the 6 data protection principles of the GDPR?

A version of this blog was originally published 31 January 2018.  The GDPR (General Data Protection Regulation) outlines six principles that organisations must follow when collecting, processing and storing individuals’ personal data. Data controllers are responsible for complying with those principles, and they must have documented proof of how the organisation is meeting … [Read more...]

10 steps to GDPR compliance: How prepared are you?

This blog has been updated to reflect industry changes. Originally published 16 October 2017.  It’s not too late to comply with the GDPR (General Data Protection Regulation). The Regulation might have come into effect last year, but it’s requirements need to be regularly reviewed. As such, it doesn’t matter what your compliance posture was six months or a year … [Read more...]

What is personal information? In legal terms, it depends

In early March, cybersecurity professionals around the world filled the San Francisco Moscone Convention Center’s sprawling exhibition halls to discuss and learn about everything infosec, from public key encryption to incident response, and from machine learning to domestic abuse. It was RSA Conference 2019, and Malwarebytes showed up to attend and present. Our Wednesday afternoon session—“One … [Read more...]

Are you aware of your organisation’s cyber security vulnerabilities?

With 557 reported data breaches in 2018, it’s safe to say that cyber security should be a top priority for all organisations.  Most organisations are already well-aware of this threat and are pouring money into their security budgets. Gartner estimates that worldwide cyber defence spending could hit $114 billion (about €102 billion) in 2019, as organisations … [Read more...]

Are you aware of your organisation’s cyber security vulnerabilities?

With 557 reported data breaches in 2018, it’s safe to say that cyber security should be a top priority for all organisations.  Most organisations are already well-aware of this threat and are pouring money into their security budgets. Gartner estimates that worldwide cyber defence spending could hit $114 billion (about €102 billion) in 2019, as organisations … [Read more...]

GDPR non-compliance costs data analytics company €220,000

Bisnode, a Swedish data analytics company with a base in Poland, has been hit with a €220,000 (PLN 944,470) fine from Poland’s data protection authority, UODO. The fine was issued after Bisnode failed to inform millions of people that it was processing their data, denying them the opportunity to object to the processing, and the right to rectification or erasure of their details, as noted in … [Read more...]

The global data privacy roadmap: a question of risk

For most American businesses, complying with US data privacy laws follows a somewhat linear, albeit lengthy, path. Set up a privacy policy, don’t lie to the consumer, and check the specific rules if you’re a health care provider, video streaming company, or kids’ app maker. For American businesses that want to expand to a new market, though, complying with global data privacy laws is more akin to … [Read more...]

How the GDPR affects cookie policies

Updated to reflect developments since the GDPR took effect. Originally published on 15 September 2017.  Cookies are mentioned only once in the GDPR (General Data Protection Regulation), but the repercussions are significant for any organisation that uses them to track users’ browsing activity.  Recital 30 of the GDPR states:  “Natural persons may be associated with … [Read more...]

US Congress proposes comprehensive federal data privacy legislation—finally

The United States might be the only country of its size—both in economy and population—to lack a comprehensive data privacy law protecting its citizens’ online lives. That could change this year. Never-ending cybersecurity breaches, recently-enacted international privacy laws, public outrage, and crisis after crisis from the world’s largest social media company have pushed US Senators and … [Read more...]