Articles about GDPR

IBM has announced new data governance and data science initiatives that will aid developers and analysts use cognitive computing to better understand and control their data.

The company also unveiled new solutions and tools that would make it easier for organizations to comply with the EU's upcoming General Data Protection Regulation (GDPR). Failure to comply with GDPR will be quite costly for organizations which has led to the creation of a number of tools to help prepare for when it goes into effect on May 25 next year.

Continue reading →

Time is running out to ensure that your organization is prepared for the upcoming General Data Protection Regulation (GDPR) and with less than a year to go now is the time to take action.

In order to help organizations prepare for GDPR, the data governance firm DQM GRC has released a free online GDPR Self-Assessment Tool that provides insight into a company's compliance levels compared to the new regulation and offers practical advice on how they can overcome their biggest challenges.

Continue reading →

New research shows that more than a third of all public web pages of FTSE 30 companies capturing personally identifiable information (PII) are in danger of violating the GDPR regulations by doing so insecurely.

The FTSE 30 is made up of the 30 most influential companies listed on the London Stock Exchange. The study by RiskIQ looking at the sites of these organizations finds that more controls on outward facing web assets are needed.

Continue reading →

With a recent, but less publicized executive order from President Trump, there are things happening on both sides of the Atlantic with regard to personal data, and it looks like the US and the EU have very different ideas about which direction to take.

We all leave a digital trail these days, just going about our daily business. Much of it we don't think about, and we often consciously choose to trade this personal data ourselves, in exchange for free services. Think about it, your Internet searches, social media, the websites you visit and your location while you're doing it, even exercise activity and your home heating usage via a smart thermostat, all have data harvested and monetized by big business.

Continue reading →

The new GDPR legislation is now just a year away from coming in to force, but new research claims that British businesses are not nearly as prepared as expected.

A study by Blancco Technology Group reveals that the UK is significantly less prepared than its European counterparts, with companies lagging behind the rest of the continent.

Continue reading →

While the E.U.’s General Data Protection Regulation (GDPR) won’t take full effect until May 25 2018, multi-national companies do need to take thoughtful action now to be certain their E.U.-based operations will be fully compliant when the time comes.

With WannaCry, the world’s largest ransomware attack fresh in their minds, most global businesses are hyper-focused on data security in formulating responses to GDPR. However, many are less well organized in their approach to the data privacy issues related to the new regulation. The lack of a well-formulated approach should give global companies pause though, particularly because the definition of data privacy under GDPR is especially broad, and because harnessing IoT data can be very challenging.

Continue reading →

The EU General Data Protection Regulation (GDPR) comes into force on May 25th 2018, but a new survey by data protection company Varonis shows companies are struggling to meet the deadline and are pessimistic about its effects.

The results from 500 IT decision makers in the UK, Germany, France and the US, reveal that 75 percent of organizations say they will struggle to be ready for the deadline.

Continue reading →

According to a survey conducted by Lepide, a leading security auditing solutions provider, 60 percent of companies are still not able to determine who has access to their critical data. The survey was conducted during a variety of trade shows including Infosec Europe, RSA Singapore, and DataConnectors Pittsburgh, and involved 250 face-face interviews.

A common misconception amongst organizations is that all cyber threats originate from outside their organization, yet according to a report published by mcafee.com, 43 percent of data breaches were the result of malicious or incompetent insiders. This problem is emphasized by the continuous surge in healthcare related breaches. For example, according to a report published by Protenus, of the 31 health data breaches disclosed in January 2016 "59.2 percent of breached patient records were the result of insiders."

Continue reading →

Even though the GDPR is just a year from coming into force, the majority of businesses are still unprepared. This is according to new research from Compuware, which says businesses are risking huge non-compliance fines.

Some businesses, truth be told, have made progress since last year.

Continue reading →

More than four fifths (84 percent) of small business owners in the UK, and almost half (43 percent) of senior executives in large companies have no idea what GDPR is and that it’s coming.

That's according to Shred-it’s Security Tracker research, which also found that roughly one in seven (14 percent) of small business owners, and 31 percent of senior executives know what the fines of not complying with the GDPR are.

Continue reading →

In some ways, the new research claiming that people are still the biggest threat to cyber security is hardly surprising; this has been the case for years now. What is surprising is that even with the GDPR only one year away, this hasn't moved on. It seems that organizations are aware of the problem, which of course is a good thing, but isn't it time we began to see research saying that people aren't a threat anymore because organizations have secured their systems against these types of threats and educated their workforces in the process. That kind of research would be much more heartening. Especially so when other research suggests that there's an IT skills shortage coming soon that could make it even more difficult for organizations to secure themselves against cyber threats.

The Institute of Information Security Professionals (IISP) is behind the new research claiming that people are still the biggest threat to cyber security. The research suggests that people are still not cautious enough about phishing scams such as links or attachments in emails or about visiting websites that might not be safe. The IISP also suggests that there is a lack of technical skill that causes problems and interestingly, it also claims that another problem is with organizations making poor critical decisions around strategy and budgets, suggesting that organizations are not focused on the right ways to prevent cyber attacks.

Continue reading →

Every fourth European company has no idea GDPR is coming its way. Consequently, they don’t know about the dangers and the draconic fines that follow those that don’t comply with the upcoming regulation.

This is according to a new report by IDC Research, based on a poll of 700 European companies. More than half (52 percent) don’t know what the impact on their organization is.

Continue reading →

Excessive employee permissions are exposing organizations to insider threats, ransomware and other risks according to the findings of a new report.

Using its Data Security Platform, threat prevention specialist Varonis conducted over a thousand risk assessments for customers and potential customers on a subset of their file systems totaling over 236 million files and 3.79 petabytes of data.

Continue reading →

With implementation of the EU's General Data protection Regulation less than a year away, a new study reveals that many firms are worried about the effect it could have on their bottom line.

The survey from information management company Veritas shows 38 percent of companies think they could lose customers or go out of business as a result of non-compliance. UK firms are expected to spend $1.4 million on GDPR compliance by 2018, but only 37 percent are ready now.

Continue reading →

Even for businesses in sectors like finance and healthcare where compliance and security is ingrained in the culture, protecting sensitive information is a major challenge.

For other sectors where it's incidental to the main business, compliance can be a major headache. With new payment card security requirements and other regulations like GDPR coming into force, businesses in sectors like hospitality need to up their game. We spoke to Geoff Milton, security strategist at data protection company ShieldQ to find out how the hospitality industry can overcome the headaches associated with compliance.

Continue reading →