The clock is ticking…
There's a narrow window of opportunity to analyse, recover and comply following a cyber incident. Daniel Saunders at NTT Security offers some insight
Vendor accountability
Simon Roe at Outpost24 says that developing secure applications by design is the way forward
Abrogation of duty
Cloud providers need to explain how they protect the data they handle, writes Chris Burden at Memset
Coding website security
With their latest Threat Monitoring Report indicating a spike in attempted PHP related web attacks, Neil Lathwood at UKFast examines the risk
The art of reporting
GDPR isn't just confined to compliance - and some organisations are failing to report data security breaches correctly
Comment
Welcome to the July 2019 Newsletter.
We’ve now passed the first anniversary of the introduction of the GDPR – so what kind of a year has it been? Well, this month has seen the Information Commissioner’s Office (ICO) hand out its first major fines, to British Airways (£183.4 million) and Marriott (£99) respectively, for breaching GDPR data laws, in a move that unequivocally signals just how seriously organisations need to take the regulations. This comes at a time when, according to new research from Parseq, two thirds of UK businesses saw an increase in data access requests from customers and their own employees in the 12 months following the GDPR’s introduction. According to Parseq MD Craig Naylor-Smith, “The fact that so many firms have struggled to respond to the surge in requests suggests that the pressure this has put on businesses has been greater than they anticipated, or that many were simply unprepared for what GDPR would bring.”
And the demands of GDPR don’t end there. As Frederik Schouboe, CEO at Keepit Group, makes clear in his article this month, compliance with GDPR regulations isn’t the end of a company’s obligations: organisations also have to be prepared to report a data breach to the ICO within 72 hours of it being discovered. As Frederik explains, “It's not just about protecting data; it's also about back-up and recovery.”
For Sarah Armstrong Smith, Head of Continuity & Resilience at Fujitsu, the GDPR anniversary has underlined “A real change in how companies use data: before, businesses were gathering all the data available with a view to how they could improve their business model by tracking and profiling customers to leverage this information, in the form of data analytics. One year after GDPR came into force, businesses are considering the legitimacy of data holdings and taking steps to process this in a lawful way. It’s by no means perfect, but it’s positive to see that organisations are making a concerted effort to improve their data governance.”
It seems certain then that GDPR will receive plenty of coverage in its second year too.