Category: DPO Blog

Public Information & GDPR – I can do what I like with it…wrong!

There seems to be this idea floating around that if the data is collected from publicly available sites then it is fair game for marketers. If someone has created a profile on LinkedIn for…

data breach

Data Breach: 10% of affected businesses closed down in 2019…or did they…?

I know there is a rush to get things out the door and I am very grateful for those who report on data breach stats but this article from Dark Reading piqued my interest: 10% of Small Businesses Breached Shut Down in 2019. Whenever I see a statistic like this I am always a little…

cookie consent

Cookie consent after C-673/17 – To Consent or not to Consent…

Firstly, this is legal information about cookie consent, not legal advice… The judgement of the CJEU case C-673/17 is now doing the rounds and as one has come to expect when it comes to Data Protection recently, there is a lot of hot air and bluster about what the ruling means. Is this some form of paradigm shift in…

Climate Change

Climate Change Solved: GDPR mitigates climate change risk!

Whether you believe climate change is a real thing or not there is no arguing 16-year-old Greta Thunberg is making headlines. Her efforts to raise awareness about this key issue of our time are pretty impressive. Whilst some people don’t think climate change is real, as a person who believes in evidence-based decision-making, I am going to pin my colours…

Technical Debt: A Cautionary Tale!

Once an organisation understands the technical debt borrowed by its project managers, its projects are more likely to deliver the expected outcomes.

InfoSec CPE: If you pay for your infosec specialists’ membership fees why aren’t you reviewing their annual CPE transcripts?

I would strongly recommend periodically asking your staff for their current qualifications’ CPE transcripts. Not just your InfoSec or Risk specialists but all your specialists.

Risk Management: Stop – you’re too controlling!!!

What appears to be a well-intended improvement to reduce risk is completely unused because it was poorly envisaged and poorly implemented; the original control measure has still to be decommissioned, so that control is still being used whilst the new control is to all intents and purposes gathering dust.

GDPR & CCPA: Two Nations Divided by a Common Language

CCPA & GDPR: Two Nations Divided by a Common Language

With six months to go before the California Consumer Privacy Act (CCPA) goes live in California, it seems we are progressively moving towards common ground when it comes to international privacy law…or are we…?

GDPR Fines

Are the big GDPR fines finally coming into land – and does it matter?

So what was my prediction? Well, based on previous major data breaches (such as the TalkTalk breach), I hypothesised that it seems to take the ICO around 12-18 months from a major incident occurring to the ICO carrying out an investigation and subsequently issuing a fine…and then of course the inevitable appeal wrangling for reduction of the original fine amount. Therefore, if there were to be an in-scope breach on the 26th May 2018, it would likely be between May and November 2019 before a large fine would be finally agreed.

Data Protection – ‘The Knowledge’ – Is your DPO incompetent?

This article looks at the different approaches organisations can take when assessing the competence of potential DPO candidates.