The Risks of Checkbox Compliance

A key principle of the GDPR is that personal data must be processed securely, using “appropriate technical and organisational measures” – the “security principle”. To meet this principle, organisations implement a variety of IT security technologies, all aimed at protecting information where it is stored and processed. By deploying technologies like these, organisations can “check […]

The Great Digital Disruption: Adjusting to a New Normal in Cybersecurity

COVID-19 has forced societies, governments, businesses and individuals to suddenly rethink long-held practices and processes. This includes fundamental aspects of our lives, such as how and where we work, teach, learn, live and interact. It is hard to think of any other single event that has caused as much disruption in such a short moment […]

TikTok fights US ban in federal court challenge

Tiktok has gone to court to challenge Donald Trump’s executive order banning US transactions with its owner. The US administration announced the order earlier this month amid White House allegations that the company is a threat to national security. US security officials have reportedly expressed concern that the app, owned by Chinese firm ByteDance, could […]

Uber former security chief charged in connection with attempted data breach cover-up

The US Department of Justice has charged Joseph Sullivan, former chief security officer at Uber, with obstruction of justice following a data breach. Mr Sullivan allegedly tried to cover up a 2016 hack that compromised data of millions of users and drivers, federal court papers filed last week in San Francisco said. Hackers exposed details […]

Making the most of return to work and infosec requirements

The three pillars of information security or infosec are confidentiality, integrity and availability, of which the first is the most accessible for most users. Trying to implement infosec controls alongside business as usual is challenging at the best of times. This article explores the challenges in implementing infosec controls. It looks at the potential opportunity […]

Data protection is everyone’s job so it’s no one’s job

Ask a company which role or team is ultimately responsible for ensuring data protection or data security, and they often cannot give a single, clear answer. Data protection is inherently a cross-functional problem, but different parts of the organisation are focused on different priorities, and rightly so. Data security and governance too often fall between […]

Follow the Sun: Last Thursday in Privacy Must-Watch Sessions

For several months, Data Protection World Forum has gathered together the insights of thousands of data protection and security experts for its Last Thursday in Privacy virtual event. But if you missed out on attending our most recent event, held on 30 July, you still have the opportunity to catch-up on the cutting-edge sessions from […]