IT Governance

JUNE 1, 2018

This week, we discuss the sentencing of one of the perpetrators of the 2013 Yahoo breach, a new type of denial-of-service attack that can crash computers just using sound and how not to email your customers. Hello and welcome to the IT Governance podcast for Friday, 1 June 2018. Here are this week’s stories.

GDPR 51

GDPR Compliance Computer and Electronics Data breaches 51

IT Governance

MARCH 1, 2018

There is a massive skills shortage in key areas such as IT security, governance and compliance in 2018. This shortfall appears to be exacerbated by changes in government policies and other regulatory pressures and the rise in data breaches. Advance your career this year with training courses from IT Governance.

GDPR 47

GDPR Information Security Government Compliance 47

IT Governance

DECEMBER 23, 2020

Welcome to the second part of our cyber security review of 2020, in which we look back at the biggest stories from July to December. With COVID-19 under control, the UK government announced that lockdown measures would be eased from 4 July, with pubs, cafés, cinemas and museums allowed to reopen. You can read the first part here >>.

Data breaches 87

Data breaches Ransomware Government GDPR 87

IT Governance

JANUARY 15, 2020

After all, ISO 27701 has significant consequences for the way organisations operate and how they approach the GDPR (General Data Protection Regulation) , and we couldn’t answer everything in the allotted time. The latest version of ISO 27001 was published in 2013, but a new version is currently being drafted.

GDPR 59

GDPR Privacy Compliance Paper 59

The Last Watchdog

MAY 11, 2020

Related: How the Middle East has advanced mobile security regulations Over the past couple of decades, meaningful initiatives to improve online privacy and security, for both companies and consumers, incrementally gained traction in the tech sector and among key regulatory agencies across Europe, the Middle East and North America.

Computer and Electronics 113

Computer and Electronics Encryption Privacy Cybersecurity 113

IT Governance

MAY 29, 2018

Remember when I said last month that “with the GDPR less than a month away I imagine future lists will be even longer thanks to the introduction of mandatory data breach notifications”? Well, May’s list of incidents is very long, and the GDPR only came into effect at the end of the month. I’m not, though. I’m entirely guileless.

Data breaches 86

Data breaches GDPR Ransomware Passwords 86

IT Governance

NOVEMBER 19, 2018

Since the EU GDPR (General Data Protection Regulation) took effect in May 2018, Scottish organisations are inevitably focusing on protecting the confidentiality, integrity and availability of the personal data they process in order to minimise the risk of administrative fines, reputational damage and legal action. What is ISO 27001?

Information Security 58

Information Security Risk Data breaches Personal data 58

Thales Cloud Protection & Licensing

FEBRUARY 13, 2018

Continuing the trend in many regions toward introducing new data protection legislation, the POPI Act was signed into law in 2013 by South African President Jacob Zuma, although it is not yet fully effective. It behooves companies, government agencies, nonprofits and other entities to understand what new requirements POPI imposes on them.

Encryption 66

Encryption e-Discovery Personal data Risk 66

DLA Piper Privacy Matters

APRIL 1, 2020

The Supreme Court held that: The earlier judgments of the High Court and Court of Appeal had misunderstood the principles governing vicarious liability. In November 2013, an aggrieved Morrisons employee, Andrew Skelton, downloaded payroll data he was entrusted with at work onto a personal USB stick. Background.

Data breaches 59

Data breaches GDPR Personal data Information governance 59

DLA Piper Privacy Matters

JANUARY 21, 2019

On 12 December 2018, the French Government issued an ordinance [1] finalizing, at the legislative level [2] , the alignment of the French Data Protection Law (“FDPL”) with the General Data Protection Regulation [3] (“GDPR”) and the Directive 2016/680 [4]. Following-up the adoption of the GDPR, the French Law No.

GDPR 49

GDPR Personal data Communications Government 49

IT Governance

FEBRUARY 22, 2018

Hello and welcome to the IT Governance podcast for Friday, 23 February 2018. Cyber security reports are a bit like the proverbial London omnibus: you seem to wait for ages, then several come along at once. Yet, 56% of councils who failed to protect data from cyber security threats did not even report the incidents.”.

Mining 49

Mining GDPR Risk Security awareness 49

DLA Piper Privacy Matters

JULY 1, 2019

If this happens, many organisations will be left without any practical solution to legitimise the international transfer of personal data outside the EEA and exposure to the threat of GDPR revenue based fines, regulatory sanctions including injunctions and third party claims for compensation. Why are SCCs and Privacy Shield important?

Privacy 94

Privacy Personal data GDPR Risk 94

IT Governance

JANUARY 4, 2018

Hello and welcome to the first IT Governance podcast of 2018. Back in December 2016, Yahoo admitted that more than 1 billion customers’ records had been compromised by an unauthorised third party in 2013. It found that the actual number of Yahoo accounts breached in 2013 was… 3 billion. Happy new year. Wanna Decryptor or Wcry.

Passwords 51

Passwords Data breaches GDPR Encryption 51

IT Governance

OCTOBER 17, 2019

Understand your GDPR and PECR compliance gaps by contacting IT Governance for a privacy audit. Our Certified ISO 27001 ISMS Lead Auditor Training Course equips you with the skills to conduct second-party (supplier) and third-party (external and certification) ISMS (information security management system) audits. Why is this bad?

Compliance 67

Compliance Government GDPR IT 67

IT Governance

DECEMBER 13, 2018

This week, in our last podcast of the year, we revisit some of the biggest information security stories from the past 12 months. Hello and welcome to the final IT Governance podcast of 2018. The year started with the revelation of Spectre and Meltdown – major security flaws affecting processors manufactured by Intel, ARM and AMD.

Data breaches 54

Data breaches Personal data Access GDPR 54

AIIM

NOVEMBER 2, 2017

We can be sure that issues like the Equifax breach and Yahoo’s recent disclosure of the scope of the 2013 breach will remain topics of discussion and litigation for some time to come. In December of 2015 an agreement was reached, leading to the adoption of General Data Protection Regulation (GDPR) in April 2016. But more on them later.

GDPR 86

GDPR Privacy Compliance Information architecture 86

IT Governance

APRIL 18, 2018

Under the EU’s General Data Protection Regulation (GDPR), aggrieved data subjects can sue firms for failing to secure their personal data properly. When you consider the scale of the new fines, the recent surge in data security incidents affecting professional services firms is sobering.

GDPR 48

GDPR Compliance Paper Data breaches 48

Data Protector

OCTOBER 11, 2017

Banks must still be allowed to process data to prevent fraud; regulators must still be allowed to process data to investigate malpractice and corruption; sports governing bodies must be allowed to process data to keep the cheats out; and journalists must still be able to investigate scandal and malpractice.

GDPR 120

GDPR Personal data Government IT 120

Collibra

AUGUST 4, 2020

But the general public is not the only ones concerned about data security. Data security and privacy professionals are also fearful about protecting sensitive information within their organization. . But how can businesses balance digital transformation, data security and data privacy? Regulatory fines.

Digital transformation 59

Digital transformation Data Privacy Privacy Metadata 59

IT Governance

AUGUST 20, 2020

ISO/IEC 27701:2019 is a privacy extension to the internationally recognised management system standard for information security, ISO/IEC 27001:2013, providing a set of privacy-specific requirements, controls and control objectives. Why was ISO 27701 developed? How to manage and drive continual improvement under ISO 27701.

Privacy 98

Privacy GDPR Information Security Personal data 98

IT Governance

APRIL 22, 2024

million records from World-Check, a screening database used to screen potential customers for links to illegal activity and government sanctions. Compromised data includes names, passport numbers, Social Security numbers, online crypto account identifiers and bank account numbers.

Data Privacy 52

Data Privacy Privacy Manufacturing Security 52

IT Governance

MARCH 14, 2018

Robust information security practices are critical to the legal sector – yet there is a notable gabetween the risks that firms face and their ability to mitigate them. Every law firm faces information security risks. However, as the bill is yet to be enacted, we refer to the GDPR.).

GDPR 55

GDPR Information Security Compliance Phishing 55

Schneier on Security

FEBRUARY 21, 2020

He didn't become a senator until 2013.) Back then, he and Vermont Senator Patrick Leahy were the most knowledgeable on this issue and our biggest supporters against government backdoors. I teach cybersecurity policy and technology at the Harvard Kennedy School of Government. See, for example, parts of the GDPR.)

Encryption 133

Encryption IoT Cybersecurity IT 133

Troy Hunt

DECEMBER 3, 2023

Search for your account across multiple breaches [link] — Have I Been Pwned (@haveibeenpwned) December 4, 2013 And then, as they say, things kinda escalated quickly. ” Anyone can type in an email address into the site to check if their personal data has been compromised in a security breach. "Have I been pwned?"

Data breaches 145

Data breaches Passwords Sales IT 145

IT Governance

MAY 10, 2018

Hello and welcome to the IT Governance podcast for Friday, 11 May 2018. Two weeks till the GDPR comes into effect… I hope you’re enjoying all the privacy notices you’ve been receiving over the last few weeks. This is the single best action you can take to increase your account security. I know I have.

Passwords 53

Passwords Compliance Risk Cloud 53

IT Governance

JANUARY 18, 2018

Many small and medium-sized enterprises (SMEs) mistakenly believe that criminal hackers only target large organisations, leading them to think it is not necessary to implement the same security measures. A recent survey by Duo Security and YouGov found that as many as 45% of small businesses mistakenly think they are not a viable target.

Risk 43

Risk GDPR Compliance Security 43

IT Governance

JULY 13, 2018

Hello and welcome to the IT Governance podcast for Friday, 13 July. The travel agent Thomas Cook has exposed passenger information relating to “tens of thousands – or maybe hundreds of thousands – of [trips]” because of a basic security mistake, according to the Norwegian programmer Roy Solberg. Here are this week’s stories.

Business Services 49

Business Services Marketing Data breaches Paper 49

Data Matters

SEPTEMBER 29, 2021

To pick just two recent examples of the latter, the EU’s General Data Protection Regulation1 (GDPR) and the California Consumer Privacy Act2 (CCPA) both impose sweeping requirements on businesses with the aim of increasing consumers’ privacy and control over how their personal data is used.

Privacy 94

Privacy e-Discovery Computer and Electronics e-Delivery 94

ForAllSecure

APRIL 19, 2023

And, and that did that for 13 years and because of my involvement in critical infrastructure, I was asked by the White House to assist in developing the NIST cybersecurity framework in 2013. All kinds of security protections, different things. I was the head of the cybersecurity practice. We add Kubernetes via containerization.

Analytics 40

Analytics Communications Computer and Electronics IT 40

IT Governance

AUGUST 7, 2018

As the global authority on ISO 27001 , the international standard that dictates best practice for an ISMS, IT Governance offers a wide range of ISO 27001 resources. Inform ation Security & ISO 27001: An introduction: Discover what ISO 27001 is, and how complying with the Standard can benefit your organisation.

Risk 42

Risk Information Security GDPR Compliance 42

eSecurity Planet

JANUARY 11, 2022

Information security products , services, and professionals have never been in higher demand, making for a world of opportunities for cybersecurity startups. With evolving attack methodologies due to machine learning, quantum computing, and sophisticated nation-state hackers, security startups are receiving record funding.

Cybersecurity 142

Cybersecurity Cloud Compliance Analytics 142

IT Governance

OCTOBER 25, 2018

Hello and welcome to the IT Governance podcast for Friday, 26 October. Well, it still stands by its claims that the Chinese People’s Liberation Army implanted malicious microchips on server motherboards used by the like of Apple, Amazon and the US government. Here are this week’s stories.

Data Privacy 55

Data Privacy Privacy Data breaches GDPR 55

AIIM

JANUARY 30, 2020

However, unlike the GDPR's transparency requirements (no matter how debatable), the proposed bill would not require those assessments to be made public. Another way in the bill is weaker than the GDPR in that there would be no private right of action, as it would instead empower state attorneys general to bring civil actions in federal court.

Artificial Intelligence 130

Artificial Intelligence Energy and Utilities Government GDPR 130