Search Results for: gdpr

How large can GDPR fines get in UK?

When GDPR (General Data Protection Regulation) comes into force in 2018, businesses not adhering to cybersecurity best practices risk either €20 million in fines or four percent of their annual global turnover, whichever is bigger.

The media has been buzzing about this a lot lately, but how much is four percent really, at least among UK organizations? According to the PCI Security Standards Council, that could be up to £122 billion. Here’s how PCI SSC came to that conclusion.

Few businesses are prepared for GDPR

The GDPR is drawing ever closer, but organizations which will be directly affected by it still don't know how to approach the new regulation, a new study by Dell shows. Ever since it was unveiled that the General Data Protection Regulation will come into effect in May 2018, surveys have been done to see if companies are preparing themselves for it, and if they will be ready to comply with it in time.

Never have these reports shown positive or encouraging results, and the new one by Dell is no different. Still, organizations aren't even close to being prepared. More than 80 percent say they know close to nothing about GDPR. Less than a third are ready for GDPR today. Almost 70 percent of IT and business professionals say they are not, and that they don't know if their companies are ready.

Business apps are not ready for EU's GDPR rules

Time is relentless. The GDPR is moving ever closer, while at the same time apps aren’t. And that’s a huge problem for businesses, because if apps are not GDPR-compliant, the businesses using them are not GDPR-compliant either. That can mean huge fines, possibly even the end of businesses.

The fact that apps are far away from being GDPR compliant came as a result of a new and extensive study by Blue Coat Labs. The company analyzed more than 15,000 enterprise cloud applications in use and 108 million enterprise documents stored and shared within them.

Brexit will not make GDPR mandatory in UK

Another day, another Brexit story. It’s going to be years before we stop hearing the various implications and results of the recently held UK referendum on leaving the European Union.

This time, it’s about private data and its sharing to third-parties, by private companies, without users’ consent.

Three in four apps do not meet GDPR requirements

Using cloud apps in a business environment, be it Shadow IT or not, is going to be risky business in a couple of years, as a vast majority of today’s widely used apps do not comply with the upcoming rules and regulations of the EU GDPR.

GDPR, or General Data Protection Regulation, is an EU-crafted document aimed at regulating the corporate use of data, and how businesses must act in order to ensure maximum safety of customer data used, as well as privacy. It will come into force in less than two years.

Mozilla welcomes privacy-boosting GDPR data protection law updates

In a world more concerned than ever with privacy and data security, law makers are scrambling to keep up to date. With the growth of the internet, many old and inappropriate laws have been bent to fit a purpose they were not designed for. A case in point are European data protection directives which date back more than two decades.

In April this year a new law was adopted -- the General Data Protection Regulation, or GDPR. With compliance with the law required of the 28 EU member states by 25 May 2018, a two-year countdown is now underway. GDPR is welcomed by Mozilla, which is using the 24-month compliance deadline to draw attention to some of the regulation's highlights.

EU GDPR: Get your data privacy act together

The moment of reckoning is on its way for companies that collect or store data on European Union citizens. Last week EU legislators signed data privacy regulations into law, creating what may be the most stringent data protection law in place today. The requirements will not be easy for many companies to meet and will demand financial and personnel resources. There is sure to be criticism that the EU stifles technology innovation. In reality, the GDPR demonstrates a progressive approach to data transactions and the digital economy. The introduction of the regulation states, "The protection of natural persons in relation to the processing of personal data is a fundamental right…".

Essentially, the law codifies the concept that data transactions come with responsibility on the part of the collector. As technology continues to advance, establishing this foundation of trust is a necessary step. Complying with the regulation may seem onerous, but think from the consumer’s perspective. Organizations gather more data than ever. Huge headaches and hardships arise when data is stolen or lost. The regulation puts in place best practices to ensure companies offer a necessary level of security and treat personal data with the respect it deserves.

The implications of remote working for GDPR compliance

Every day across the UK, around 1.5 million professionals work from home, and are perhaps more productive, happier in their role, and measurably less stressed. At the same time, however, they may be increasing the risk to your sensitive business data.

Since the government has recently given all employees the right to request flexible working, the number of home-workers, and the associated information risk, looks set to increase -- just when the stricter EU General Data Protection Regulation (GDPR) is set to come into force.

The role of collaboration in GDPR compliance

As the European Union reaches an agreement on the General Data Protection Regulation (GDPR), which will require companies to comply with state-of-the-art cybersecurity requirements, security firm Palo Alto Networks has surveyed businesses to see how much they know about cyber-security and where the responsibility lies.

The survey suggests much work still needs to be done, particularly in areas of collaboration and responsibility sharing.

Organizations vulnerable to software supply chain attacks

According to Gartner, 60 percent of organizations work with over 1,000 third parties, and a new report shows many of these supply misconfigured or vulnerable hardware and software, putting customers at risk.

The study from CyCognito finds web server environments, including platforms like Apache, NGINX, Microsoft IIS, and Google Web Server, were the host of 34 percent of all severe issues across surveyed assets. They accounted for more severe issues than 54 other environments combined (out of 60 environments surveyed).

Meta is training its AI using an entire nation’s data… with no opt-out

The question of how to train and improve AI tools is one that triggers fierce debate, and this is something that has come into sharp focus as it becomes clear just how Meta is teaching its own artificial intelligence.

The social media giant is -- perhaps unsurprisingly to many -- using data scraped from Facebook and Instagram posts, but only in Australia. Why Australia? Unlike in Europe, where the General Data Protection Regulation (GDPR) required Meta to give users a way to opt out of having their data used in this way, Australia has not been afforded this same opportunity. What does this mean?

The rise of third-party browser script attacks [Q&A]

Third-party browser scripts are the code snippets that organizations put into their websites to run ads, analytics, chatbots, etc -- essentially anything that isn't coded by the organization itself.

Which sounds innocuous enough, but these scripts are increasingly being used as a vector for cyberattacks. We spoke to Simon Wijckmans, CEO of c/side, to understand how these attacks operate and what can be done to defend against them.

How organizations can master incident reporting obligations under NIS2 

The new NIS2 directive is designed to strengthen the cyber resilience of over 160,000 companies that operate in the EU -- either directly or indirectly. Coming into force by 17th October, NIS2 regulations will outline how these essential entities can combat increasingly sophisticated and frequent cyber attacks.

Notwithstanding delays in the implementation of local legislation, the NIS2 directive provides an indication of the compliance obligations affecting those organizations which fall within the scope of the new rules. Ultimately, NIS2 aims to reduce inconsistencies in cyber security resilience by being the “single source of truth” for regulatory bodies to oversee how organizations implement increasingly stringent cybersecurity frameworks. As we have seen in recent weeks, these are crucial, especially during large-scale cybersecurity incidents or crises.  

Resilience blueprint: Strategic steps to build operational resiliency

Globally, cybersecurity is rising to a critical level of concern for organizations. The Veeam 2023 Data Protection Report highlights that 85 percent of organizations have been hit by at least one cyber attack, illustrating the difficult journey towards recovery. The average recovery from an attack can drag on for a staggering three weeks, not only impacting operations but also carrying with it significant financial implications. Therefore, organizations must adopt comprehensive strategies to ensure operational and cyber resilience. This means companies must not only take proactive cybersecurity measures to prevent disruptions but must also implement reactive measures to ensure a quick response and complete recovery in the event of a successful cyber attack.

To improve their cyber resilience and smoothly adapt to regulatory shifts, organizations must embark on a strategic journey, weaving together crucial strategies and best practices to ensure they not only survive a threat but thrive in the ever-evolving digital landscape.

Proton launches secure cloud storage for businesses

Swiss company Proton is known for its privacy-focused solutions including secure mail, VPN and password manager. Today the company launches a new service, Proton Drive for Business.

This is a comprehensive solution designed to provide secure and private cloud storage, file sharing, and real-time document collaboration for organizations. In an era where data breaches and unauthorized use of company documents are common, this new service offers security and privacy to businesses of all sizes, with end-to-end encryption.
