Cyber Security - Resilience - Data Protection
When pitching for consultancy work, many of our clients are [initially] surprised we at Fox Red Risk do not price any of our services based on a daily rate model. It seems the majority of consulting organisations, small and large, price their jobs based on some form of time-based billing. This billing approach may be…
Read more
According to the 2020/21 ICO annual report, around half of the [46% of ~40k] complaints the regulator receives are related to subject access. Fulfilling DSARs is clearly an area where Data Controllers are facing challenges with data subject satisfaction. In a previous article, I wrote about coping with DSAR volumes, suggesting methods to bring such high numbers…
Read more
No doubt, if you’re following the news, you may have seen an uptick in the number of ransomware attacks doing the rounds. There have been quite a few. In particular, the Colonial Pipeline attack. It’s beginning to seem a lot like Groundhog Day! You would think, after seeing how the ransomware attack in January 2020 crippled…
Read more
Every time there is a major incident, whether it be a global pandemic or a natural disaster. Whether it be an IT Outage or a bout of unseasonably hot or cold weather, the rallying cry of those trying to defend the paucity of their response to the unfolding events is now cliche: “We never thought…
Read more
Single points of failure (SPOF) creep into many business processes. Often unintentionally. Some exist from the outset but were simply not assessed, or were assessed and deemed low risk. That legacy server running a critical piece of code wasn’t legacy at the beginning. That retiring SME, the one who wrote the code, had just started.…
Read more
It’s Monday morning and I have already been up for a while. I have had a few cups of tea. I have answered a few emails. I have written and submitted a proposal for a new piece of work. It’s a great client too. When I submitted the proposal I had a sense of relief…
Read more
Remember a couple of years ago (when life was so very different). Remember reaching that point in your security maturity journey where you needed a way of detecting security events without the help of the BBC News letting you know? Remember looking at all those complex SIEM solutions? Remember deciding the time and effort involved…
Read more
The information contained in this article is provided for informational purposes only, and should not be construed as legal advice on any subject matter So…it’s here! Despite many saying it was not possible, a free trade deal has been done. Whether it’s a good deal or a bad deal for the UK is yet to…
Read more
I’m sure you’re already well on the way to planning your 2021…what it’s December already? Yup, the annus horribilis that is 2020 is coming to an end. With multiple vaccines in the pipeline, 2021 should [hopefully] be a year where we can get things back to normal. Well, a new normal! Whilst 2020 has placed a number of restrictions…
Read more
On an Ominous Friday the 13th, the UK Data Protection Regulator, the ICO, fined Ticketmaster UK Ltd £1.25million for a data protection breach that occurred over 9 weeks in 2018. In an interesting twist, some of the breach occurred pre-GDPR and some occurred post-GDPR. The 7-figure fine reflects the part of the breach that occurred…
Read more
