Tag: data breach

Tag: data breach

Processor Contract – How Data Processors can inadvertently become Controllers…and why it matters!
27/01/2020 DPO Blog, Security Advisory Blog admin

For those of you who deal with the wonderful document that is a data processor contract. Whether you’re on the Controller side or the Processor side, you will know there are quite a few hoops to jump through. This is because GDPR strengthened the requirements of a Controller-Processor relationship, outlined in Article 28. That said,

Read More
GDPR Subject Access – why verifying ID can be dangerous!
20/01/2020 DPO Blog, Security Advisory Blog admin

wrote a few weeks ago discussing how DSAR volumes may have gone up in your organisation and that it’s probably not simply down to the GDPR Subject Access hurdles being lowered for Data Subjects. Since GDPR came into force in May 2018, Data Subjects now don’t have to pay a fee (in most cases). The

Read More
Data Breach: 10% of affected businesses closed down in 2019…or did they…?
23/10/2019 CISO Blog, DPO Blog, Security Advisory Blog admin

I know there is a rush to get things out the door and I am very grateful for those who report on data breach stats but this article from Dark Reading piqued my interest: 10% of Small Businesses Breached Shut Down in 2019. Whenever I see a statistic like this I am always a little

Read More
CISO role: All C and no IA, the 33% CISOs failing their organisations!
23/08/2019 CISO Blog admin

In the last (maybe…) of my three-part CISO rant series (See Part One and Part Two if you want to catch up) I am going to wrap up with a rant about the 33% CISOs not giving their organisations of a full CISO role. These are the CISOs who think their role is solely about

Read More
Are the big GDPR fines finally coming into land – and does it matter?
08/07/2019 CISO Blog, DPO Blog admin

So what was my prediction? Well, based on previous major data breaches (such as the TalkTalk breach) I hypothesised that, it seems to take the ICO around 12-18 months from a major incident occurring, to the ICO carrying out an investigation and subsequently issuing a fine…and then of course the inevitable appeal wrangling for reduction of the original fine amount. Therefore, if there were to be an in-scope breach on the 26th May 2018 it would likely be between May and November 2019 before a large fine would be finally agreed.

Read More