Video Conferencing – security and data protection

In the dim and distant past, which is any time before March 2020 for the purposes of this blog, video conferencing wasn’t widely used by the majority of businesses for their day-to-day communications. I remember preparing for a video conferencing session by a multi national company many years ago – bulky cameras taken out of… Read More

Navigating the ‘new normal’ – take opportunities, manage risks

COVID19 has meant changes to how we live and work. Organisations of all sizes must now adapt to the ‘new normal’ to survive and grow. Some changes will be positive – why didn’t we do this before! – while others will unfortunately have a negative impact. Organisations that think about what could be done in… Read More

More companies offering solutions to help meet Data Protection requirements

With the GDPR, the CCPA and other requirements coming into force, companies need tools to help them meet requirements in areas such as identifying and mapping personal data, keeping it secure, managing consent, dealing with requests from data subjects exercising their rights and with incidents. The number of companies offering solutions has increased by over… Read More

Highlights from our work in 2019

2019 was the year when we worked in more business sectors to help with Information and Cyber Security and data protection requirements. ISO27001 Helped 3 SMEs get ISO27001 certification Worked with 4 organisations on their ISO27001 Surveillance programmes. This included updating of risk assessments, doing internal audits and running desktop tests of business continuity plans… Read More

Data Protection with a hard Brexit – you might not need a representative in the UK

Several companies have made claims similar to “EU companies required to appoint UK Representative if there is a NO DEAL Brexit”. The headlines are wrong. I checked the Data Protection, Privacy and Electronic Communications (Amendments etc) (EU Exit) Regulations 2019 and with the ICO. EU companies MAY need to appoint a UK representative, but if… Read More

GDPR – Large scale processing

The GDPR refers to large scale processing several times. Questions about what is meant by this come up on a regular basis. We have produced a short video with details on factors to consider, examples of large scale processing and examples of what isn’t large scale processing. Get in touch if you need help with… Read More

CNIL – causes of reported data breaches (May – October 2018)

The CNIL (the French Data Protection Authority) received 742 notifications of personal data breaches (and see the original report in French) that affected over 33 million individuals located in France or elsewhere. 695 related to confidentiality breaches. The accommodation and food services sector had the highest number of breaches – 185. This is due to a specific case… Read More

My top 3 items from the Information Commissioner’s fireside chat

On Tuesday 17 October I was at IAPP’s ‘fireside chat’ with Elizabeth Denham, the Information Commissioner. The top 3 items for me were: GDPR certification – details to be published in early 2018, the ICO is leading the work on this in WP29. The Commissioner thought it should be based on Accountability and mentioned the approach… Read More

Mirror mirror on the wall, who’s the fairest Application and OS of them all

The Computer Vulnerabilities and Exposures (CVE) website provides yearly summaries of application and operating systems vulnerabilities. Having a vulnerability is not the same as it actually being exploited, but the figures provide a useful, if somewhat crude way, of identifying what needs protecting and how this compares to 2015. For anyone that doesn’t want to read much further the… Read More

Perception vs Reality of cyber crime

Would you consider your house as secure if it had been broken into in the past year, and the police had not caught the gang that was breaking into most of the other houses on your street? Probably not. Compare this to businesses and cyber crime. A recent report indicates there is a disconnect between the reality… Read More