Articles about GDPR

New research from IT procurement company Probrand shows that 68 percent of UK businesses have failed to wipe the data from IT equipment before disposal, leaving them open to fines under GDPR if data is exposed.

In addition 70 percent admit to not having an official process or protocol for disposing of obsolete IT equipment.

Continue reading →

A new report released ahead of the Infosecurity North America event to be held next month, shows that the majority of chief information security officers (CISOs) are receiving conflicting advice about new or changing regulation.

In addition, when asked what regulatory bodies should do to help promote a smooth rollout of privacy regulations, 35 percent of respondents say that regulators should provide clearer communication about compliance requirements.

Continue reading →

New figures from Kaspersky Lab show that more than a third (35.7 percent) of phishing attempts in the second quarter of 2018 attempts were related to financial services via fraudulent banking or payment pages.

The IT sector was second hardest hit, with 13.83 percent of attacks targeting technology companies, a 12.28 percent increase compared to Q1.

Continue reading →

As businesses shift their systems to the cloud there is inevitably an increase in complexity that makes maintaining security more of a challenge.

Security policy management specialist AlgoSec is launching a new version of its Security Management Solution to enable policy management across clouds and software-define networks.

Continue reading →

Four giants of the technology world have joined forces in an attempt to make it easier for people to move data between services. The collaboration between Google, Facebook, Microsoft and Twitter takes the form of the open source Data Transfer Project, the aim of which is to make it possible to "transfer data directly from one service to another, without needing to download and re-upload it".

The four companies joining announced the data portability platform which currently makes use of public APIs to offer support for photos, mail, contacts, calendars and tasks from the founders as well as other companies who are encouraged to get involved.

Continue reading →

The security breach suffered by Timehop on July 4 was much more serious than the company first thought. In an update to its original announcement, the company has revealed that while the number of account affected by the breach -- 21 million -- has not changed, the range of personal data accessed by hackers is much broader.

Timehop has released an updated timeline of events, having initially felt forced by new GDPR rules to publish some details of the breach before all information had been gathered. The company says that it is also unsure of where it stands with GDPR, and is working with specialists and EU authorities to ensure compliance.

Continue reading →

According to a new study, 68 percent of IT professionals believe their organizations are failing to carry out all procedures in line with data protection laws.

The report from digital security specialist Gemalto also shows 65 percent of companies are unable to analyze all the data they collect and only just over half (54 percent) know where all of their sensitive data is stored.

Continue reading →

A new survey of 2,000 UK adults reveals that almost three quarters worry that their details will be stolen every time they hand over bank details and email addresses to companies.

What’s more around one in five have already had their data stolen according to the study commissioned by BullGuard, and almost a third of these had been out of pocket as a result.

Continue reading →

Protecting customer data should always be a top priority for businesses. But doing so is increasingly extending beyond moral responsibility and taking on the form of legal requirement. As you’ve surely heard, the General Data Protection Regulation (GDPR) took effect May 25. This set of regulations, which replaces the Data Protection Act 1998, legislates online data rights for any organization that sells products or services to European Union (EU) customers.

Complying with these new rules might seem daunting (and even unnecessary) for US-based small businesses, particularly since there’s still a lot of confusion regarding the specifics of these new rules and requirements. But if you can understand these five keys to customer data protection, it will go a long way toward helping your business achieve compliance.

Continue reading →

GDPR -- it’s a nightmare for organizations, but a much-needed protection for citizens in our world of Cambridge Analytica, criminal hackers, and nation-states cyberthreats. There are many aspects of the regulation that are extremely tricky to implement, but let’s consider just one. Imagine the following scenario:

A new customer signs up to your eCommerce website. Their data gets moved into several back-end systems; maybe a CRM, an accounts system, an order management system, marketing, and probably some kind of data science workbench. Sometime later, an analyst is tasked with analyzing new customers and their behaviors, their retention rates, and other important factors. They know customer data is spread out across dozens of these systems, so they ask IT to prepare a dataset for them. Maybe a month later IT come back with a dataset that has been provisioned in the corporate Data Lake. The data isn’t quite fit for purpose and contains far more information than the analyst needs.

Continue reading →

In the last 12 months, 44 percent of organizations have suffered at least one data breach. More worrying is that of those reporting a data breach, the average was almost 30 data breaches per organization in the last year.

This is according to a study from identity management company SailPoint, released at this week's Infosecurity Europe. These breaches cost the organizations nearly $1 million to address from an IT perspective, which excludes fines, lost revenue and brand damage.

Continue reading →

A large majority of people say they are concerned about their online privacy, but this is not reflected in their actions according to a new study.

The survey from Blue Fountain Media reveals that 90 percent of respondents are very concerned about their internet privacy and 48 percent wish 'more was being done about it'.

Continue reading →

Ghostery is a company rooted in privacy, so that the firm should accidentally reveal users' email addresses would come as something of a surprise. Over the weekend, however, this is exactly what happened.

The company -- as many others have been doing recently -- emailed its users with details of its updated privacy policy that complies with GDPR. Unfortunately, the message exposed the email addresses of hundreds of customers as the company failed to make use of the BCC field.

Continue reading →

It has been impossible to avoid stories about GDPR over the last few weeks and months, and today the new rules regarding privacy and personal data come into force across the EU.

Inboxes across Europe have been flooded with GDPR-related emails as companies have rushed to comply with the new regulations that require them to seek consent from users to collect data about them. But now GDPR day has arrived, dozens of US websites are blocked in the EU.

Continue reading →

With the recent scandals involving Facebook coupled with the impending arrival of GDPR in Europe, there has been a lot of talk about privacy recently. Now the social networking giant is to start asking all of its users to review information about privacy and "how to control their experience".

The company says that it introduced updated data policies and made privacy settings easier to find, as well as making other changes, in Europe, and now is rolling out the same things to the rest of the world.

Continue reading →