CISO, CIO, CPO: where would you begin with data if you could do it again?

Yaniv Avidan, Chief Executive and Co-founder of MinerEye, discusses the benefits of tight unstructured data management (sponsored).   If you could redesign your network from scratch, would you install unstructured data management controls as one of your first steps? In retrospect, would automated unstructured governance be at the top of your “to do” list if […]

PWC Middle East launches DIFC-backed data protection compliance tool

PwC Middle East has launched a data privacy assessment tool to help companies in Dubai comply with new data protection legislation. The tool, which has been supported by the Dubai International Financial Centre (DIFC) provides organisations with bespoke reports outlining their current status against key requirements of the law, which became enforceable on 1 October. […]

Viva a revolução? Brazil’s new data protection regime

As the LGPD finally came into effect last month, PrivSec Report explores the new law and the impact it could have on the Brazilian data protection ecosystem and culture. The new Brazilian data protection law, Lei Geral de Proteção de Dados Pessoais, or “LGPD”, has received much recent attention on the global privacy stage. Passed in […]

The UK’s Department for Education ‘failed to protect children’s data’

A National Pupil Database held by the UK’s Department of Education had ‘no formal proactive oversight’ to protect children’s data, the Information Commissioner’s Office has found.  The ICO concluded in its compulsory audit this week that DfE had ‘no formal proactive oversight of any function of information governance’ relating to data for millions of children. […]

CJEU ruling poses threat to UK adequacy decision post-Brexit

The Court of Justice of the European Union (CJEU) yesterday ruled that the scope of European fundamental rights to privacy, data protection and freedom of expression extends to mass data retention and collection for national security purposes. In judgments for three cases concerning the UK, France and Belgium, the Court found that despite national security […]

How do you make your data retention defensible? Register for our free webinar

Over-retention of data is a major data privacy risk. US and international regulations specifically require that companies ensure their retention standards are up-to-date and enforced and that all obsolete records containing regulated sensitive data are disposed of promptly. By implementing defensible data minimization strategies across your organization you can significantly reduce your costs and risks. […]

Fun and games: Protecting children’s data in the gaming industry

Jürgen Bänsch is Director for Policy and Public Affairs at the Interactive Software Federation of Europe (ISFE), and Director of Policy and Government Relations at the Pan European Game Information (PEGI). Ahead of PrivSec Global 2020, he takes PrivSec through the work being done in the gaming sector to protect the data and privacy of […]

US Treasury warns making ransomware payments could breach sanctions regulations

The US Treasury department has warned that facilitating payments to cybercriminals to remove ransomware from IT systems risks breaching sanctions regulations. In an advisory note published today, the treasury’s Office of Foreign Assets Control (OFAC)  said demand for ransomware payments has increased during the Covid-19 pandemic. Ransomware is designed to block access to a computer system […]

Ensuring security in the journey towards digital healthcare

There are more digital touchpoints in the healthcare systems we experience today than ever before. Telemedicine, virtual care, medical devices enabled by the Internet of Things (IoT) and patient communication portals are helping to improve clinical outcomes and provide new models of care in a rapidly changing healthcare landscape. This transition towards digitally enabled healthcare […]