Cyber Security Archive
EU Data Protection Supervisor Giovanni Buttarelli said yesterday that the first GDPR sanctions – fines, ultimatums, bans – will be imposed by the end of this year. Buttarelli co-ordinates the supervisory agencies across the EU, so he probably knows what …
Although it is largely expected that Internet giants like Facebook deal rapaciously with users’ personal data, it is astonishing that a publicly funded institution such as the NHS should decide to ignore the recommendations of its own CIO on the …
Boards should take note of the FCA’s (Financial Conduct Authority) £16.4 million fine of Tesco Bank for failing to prevent a cyber attack that, in the end, directly affected only 34 customers (although it did disrupt services for many others) …
The EU GDPR (General Data Protection Regulation) issues administrative fines for non-compliance. The higher-tier fine is up to 4% of an organization’s global turnover or €20 million (about $24 million), whichever is greater. Although they differ in content, all 50 …
If you’re in someone’s supply chain (and, being a business, I take that as read), then your customers expect you to be cyber secure. If you’re not, it looks like you’re in trouble. A survey released by Opinium shows that …
The ICO (Information Commissioner’s Office) has, for the first time, issued the maximum fine permissible – £500,000 – to Equifax Ltd in response to a breach of the DPA (Data Protection Act) 1998. The investigation into the September 2017 breach, …
Just before the millennium, Steve Watkins and I wrote IT Governance: A Manager’s Guide with the specific intention of arming boards and senior managers with the tools to enable them to properly govern information security in their organisations. The book …
TV Licensing has assured 40,000 TV licence-paying customers whose contact and bank details were intercepted on the TV Licensing website that “the risk is low”. Really? If the risk is low, why also warn the victims that they should …
Recent ISO statistics show that the number of ISO 27001 certificates worldwide increased by 19% last year, to a total of almost 40,000. The UK grew at 34% and the USA at 36% – both countries that understand the need …
There are now two law firms putting together class action lawsuits against BA under the provisions of Article 82 of the GDPR (General Data Protection Regulation), which entitles data subjects to financial compensation for non-financial damages. If the 380,000 customers …
