Search Results for: gdpr

Imagine a hidden system that tracks and scores you based on every phone call you make or take. It might sound like something straight out of a Black Mirror episode and remind you of China's controversial social credit system. But surprisingly, half of the world's mobile phone users are already part of a similar system, and many of them are Europeans, who are supposed to enjoy the strongest privacy protections.

NOYB, a privacy advocacy group, has filed a lawsuit against the US company TeleSign, a Belgian telecom provider BICS, and their mutual parent Proximus. They claim these companies are unauthorizedly profiling billions of phone users to assign them a 'reputation' or 'trust' score.

Continue reading →

User authorization for access to data is complicated. Knowing who has access to what information is often difficult because of complex role hierarchies, different authorization models used for different technologies, and the variety of data that may be accessible across technologies and clouds.

Ben Herzberg, chief scientist at data security platform Satori, believes there's often a blindspot around authorization, but that the issue doesn't have to be as complex as it can seem. We talked to him to learn more.

Continue reading →

There tends to be some confusion about where cyber risk ends and where IT risk starts and the terms are often used interchangeably.

We spoke to Gary Lynam, head of ERM advisory at risk management specialist Protecht, to find out more about understanding and managing the different types of risk that enterprises face.

Continue reading →

A survey by Deloitte reveals that as many as 79 percent of people are ready to share their data if they see obvious value in doing so. However, people also need to know that their data privacy is taken seriously. For companies at the cutting edge of personalization in technology and marketing, this means reassuring customers that their data will be kept safe and used transparently and for their own benefit.

While personalization and privacy may seem diametrically opposed, it is possible for businesses to achieve both and prosper. We can compare the privacy versus personalization dilemma with the legendary myth from Homer’s Odyssey, Scylla and Charybdis. These two sea monsters presented a perilous choice to our hero Odysseus, who needed to creatively navigate a route between the two. In the same way, businesses must carefully maneuver between the need for privacy and an ever-deeper demand for customized services.

Continue reading →

Facebook owner Meta has been fined a record €1.2 billion (around $1.3 billion) by Ireland's Data Protection Commission (DPC). The fine was issued for breaching EU data sharing regulations by failing to sufficiently protect user data.

In addition to the record fine, Meta has been ordered to cease the transfer of user data from the EU to the US for processing within six months. Responding to the demand to stop the "unlawful processing, including storage, in the US" of European user data, Meta points out that it "uses the same legal mechanisms as other organizations" and indicated that it intends to appeal against the ruling.

Continue reading →

For decades, businesses have been using data for growth. Today, the importance of utilizing data to gain insights into customer behavior, market trends and business performance continues to develop. However, harnessing the power of data requires more than just the right tools and technology -- it also requires the right talent.

Technological developments, such as artificial intelligence (AI) and the Internet of Things (IoT), have resulted in data and data analysis providing increasing opportunities for businesses to improve their competitive edge. Data is a valuable resource in all sectors, but it is only useful if it is analyzed, interpreted and applied correctly -- this is where talented individuals with an understanding of data science and analytics come in.

Continue reading →

Most businesses will complete regular risk assessments as standard practice. They’re crucial to reducing the threat of financial or reputational loss and give you an overview of the high-risk areas you must address.

One type of risk analysis that is critical but sometimes overlooked is a cybersecurity risk assessment. In today’s digital-first world, it’s difficult to overstate the importance of analyzing and addressing threats to your IT security. Making it a regular occurrence is also advised because cybercriminals are finding new holes in your defenses every day.

To address these threats, full and frequent cybersecurity audits are necessary to review:

Continue reading →

The UK's new Data Protection and Digital Information Bill is set to reduce costs and burdens for British businesses and charities, and remove barriers to international trade.

We know from when it was first brought before parliament last summer that it will also cut the number of repetitive data collection and cookie pop-ups online.

Continue reading →

A new study from Specops Software finds that 88 percent of passwords used in successful attacks consisted of 12 characters or less, with the most common being just eight characters (24 percent).

The research, largely compiled through analysis of 800 million breached passwords, finds the most common base terms used in passwords are depressingly familiar: 'password', 'admin', 'welcome' and 'p@ssw0rd'.

Continue reading →

The latest Annual Trends Report from Jamf, based on a sample of 500,000 devices protected by the company's technology, looks at the threats impacting devices used in the modern workplace and finds social engineering tops the list.

The combination of an increasingly distributed workforce with the relative ease with which bad actors can carry out phishing campaigns, leads to the leakage of user credentials. In 2022, 31 percent of organizations had at least one user fall victim to a phishing attack.

Continue reading →

A recent Statista report revealed the financial consequences of cybercrime in 2022 were higher than ever, with the average cost of data breaches in the U.S. totaling more than $9 million. With 2023 poised to be the year of reduced spending given an uncertain economy, protection against the rise of cyber incidents and data breaches will impact numerous industries and become more costly due to inflation. The human cost, however, is just as great, as businesses face increasing pressures to protect employees’ and customers’ personal information as well as their time and trust.

When a data breach occurs there’s little room and time for error: victims, as well as employees and stakeholders, expect a swift and appropriate incident response. Companies that handle mass amounts of personal data, especially in the legal sector where PII-containing case data is at stake, should look to new solutions rooted in artificial intelligence to complete similar tasks at faster speeds and reduced price points. This will also provide senior leadership much-needed peace of mind amid security-compromised induced stress.

Continue reading →

In the past decade, privacy-related legislation has developed considerably. The 'privacy industry' has gone through a metamorphosis not seen in many other disciplines. Now, as we reflect on the future post-pandemic, we must recognize that being able to quickly access and share accurate data is fundamental to everyone. 

When thinking about this, it’s important to remember that there’s a heavy overlap between business and personal aspects, an example of this is password managers. These will have both personal and work-related credentials saved to them, which can be hard to distinguish, and this is why corporate family use plans exist.

Continue reading →

It’s easy to assume that faxing has no place in today’s digitalized workplace. When email and Instant Messaging apps are so established and familiar, the idea of typing in a fax number, feeding a document into a machine, and then having to wait beside that machine to print out a response for you, sounds, at best, quaint: and at worse, slow, inefficient and unsecure.

But fax has evolved and continues to underpin vital operational processes across a range of sectors. The ongoing importance of timestamping plus the advent of cloud in particular means that whether it’s finance: exchanging the details for buying a house: or sending and receiving critical and confidential healthcare documents, fax still has a significant contribution to make in the day-to-day running of an organization.

Continue reading →

No longer the new 'big thing', the cloud has matured into something that almost all organizations rely on daily. But it's still evolving and its importance has grown over the last two years as we've switched to remote and hybrid working.

Here are some expert views on what lies ahead for the cloud in 2023.

Continue reading →

Modern corporations are fully dependent on their IT infrastructure for their daily operations. Securing an IT infrastructure can be a daunting task. Fortunately, there are common best practices that have found success for some of the biggest companies in the world. These best practices share common traits that can be duplicated to match almost any environment.

 Before we begin, let’s examine the past failures of many security professionals. As security managers, we must understand that the most secure environments, regardless of the sophistication of your tools or the talent of your staff, will eventually be compromised by the weakest link in your controls. So how do we manage these weak links? Let’s start by identifying them.

Continue reading →