IT Security News & Blog

When the topic of the GDPR (General Data Protection) was hotting up a couple of years back, one question which would raise its head consistently was the compatibility of the cloud with elements of the regulation which restrict the geographical location of data processing....

From the 1st of January 2019, all Danish organisations which use email as a mechanism for processing personal data will be required, by law to use a form email encryption. Strictly interpreted by the Danish supervisory authority under article 9 of the GDPR (General Data Protection Regulation)....

There is no shortage of information about the GDPR out there, from the six core principles to data subjects rights to the lawful basis for processing, there is a dizzy number of changes an organisation may need to implement....

Have you ever met an IT manager, administrator, CISO or compliance officer who had a lot of time on their hands? No, me neither. If they exist, then they are certainly a rare breed!...

In bringing your workforce up to speed to ensure compliance with GDPR, you’ll require top quality information security and data privacy training content. The OutThink learning material is developed by industry experts working alongside education professionals, human-computer interaction specialists, psychologists, as well as behavioural change and communication experts....

The GDPR (General Data Protection Regulation) is a difficult beast, with some estimates as low as 15% for the number of organisations who considered themselves GDPR ready by May 25th 2018. Not a surprise then considering the debacle that was re-consent email deluge and the "we have changed our privacy policy" communications that flooded everyone's inbox....

It may be obvious to some that FTP (File Transfer Protocol) is an insecure protocol; and that its continued use for transferring sensitive or personal is inappropriate. Yet, its use for that very purpose still continues according to Rapid7, creating an unnecessary risk....

Do you send sensitive documents and files using regular email? Could you do more to protect those documents and files to ensure their confidentiality? These are just two of the more obvious questions which many an IT administrator and security officer are now asking their organisations, as the world and it's regulators become more focussed and stringent on data protection....

Now that the General Data Protection Regulation (GDPR) is live and enforced, the focus has shifted from how to comply with how to maintain the controls and processes which have been implemented. While this may just seem like a continuation of what has been achieved already, it is in actual fact a moment to improve. Those processes and changes which were rushed or not properly embedded into day-to-day operations will now need to be cultivated amongst staff for the long haul....

Is the board listening? We all know that GDPR will be enforced from 25th May 2018, but is your board aware of their new privacy obligations? While there is substantial GDPR coverage in the technical press, has the message got through to senior management?  Are their preparations adequate?...

The GDPR (General Data Protection Regulation) has for some, fundamentally changed the way that businesses operate, with regard to the collection, processing and transferring of personal data. What is often referred to as the world's most forward-thinking data protection regulation, has forced data controllers to ensure basic levels of security are in-place in order to reduce the risk of loss, disclosure, unauthorised processing, deletion or manipulation....