New European Data Protection Regulation Overhauls 21 Year Old Legislation

May 31, 2016|Elizabeth K. Dunne

 

The General Data Protection Regulation (“GDPR”) is an updated regime set to dominate board rooms across Europe and the world. Organisations that process EU data subject information are now within the scope of the regulation. It is the Sarbanes-Oxley of privacy. It relates to the offer of goods or services to individuals in the EU, irrespective of whether a payment is required, or, the monitoring of those individuals’ behaviour in the EU. Enforcement begins 25th May 2018. Below are the top ten considerations.

Read More

The FBI, Hacking....And Our Privacy

May 30, 2016|Mariann Utrosa

 

The US government is hacking into phones and seizing computers remotely, they have been doing it for a very long time and there is nothing we can do to stop it. Amendments to Rule 41 (Federal Rules of Criminal Procedure) are to blame, wherein the supreme court approved changes that make it easier for law enforcement officials to hack into computing devices, including those which belong to victims of cybercrime. These changes are to take effect in December, 2016, unless congress negates them.

Read More

PCI 3.2 Multi-Factor Authentication Mandate Delayed Until 2018

May 26, 2016|Mariann Utrosa

 

The PCI Security Standards Council (PCI SSC) recently published a new version (3.2) of their Data Security Standards for secure management of payment data before during and after purchases. Two important, pending mandates from the revised PCI DSS version 3.2 have been delayed until 2018.

Read More

Despite Your Best Efforts - Ransomware

May 23, 2016|Ross Morley


Perhaps the biggest bogie on the CISO’s radar, Ransomware is morphing to cottage-industry perpetration via a multitude of easily-deployed malware weapons. As soon as your solution addresses one variation, dozens more seem to pop up, more sophisticated and damaging than ever.

Read More

But, my IT Guy told me that we are well protected. Well … you were not.

 

Interesting article posted by The Hacker News team, Top Data Breaches Reported in last 24 hours 

It’s interesting because except perhaps Google’s internal data breach, I'm almost confident that other organizations on the list were convinced that their data is protected, or at least one would hope that it has been the case.

Read More

What does ‘Value’ mean to you?

May 18, 2016|Jason Wittick

 

Everyone values different things to different degrees, so the concept of value is entirely subjective and typically relative by definition.  As threats emerge, people adapt their behaviour and habits to protect what is valuable to them, but the digital age has triggered a major shift in how individuals decide and categorize what they value.

Read More

The Internet of Things

May 16, 2016|Jason Wittick

 

The Internet of Things (IoT) describes any item or object that can connect to the Internet automatically and then transmit or receive data.  As web-connected devices are becoming more common, the convenience and efficiency they provide will introduce and expose new targets for hackers to target and attack.  The security risks created by IoT-enabled devices have become a popular buzz-topic, but there is truth behind much of the fear-mongering.

Read More

Phishing Danger is Not a Red Herring

May 12, 2016|Mariann Utrosa

Phishing is when someone attempts to acquire sensitive information such as usernames, passwords, and credit card details by masquerading as a trustworthy entity … most typically in an electronic communication. Spear-phishing is a more targeted attack which is focused on a single person or company and both are similar to actual ‘fishing’ in that they both use bait to try and catch victims.

Read More

Does Encryption Cause A False Sense Of Security?

May 05, 2016|Mariann Utrosa

In the modern information landscape, between cloud, mobile and traditional (static) repositories, data has become far more accessible than ever before.  This convenience comes at a cost, though, because any technology or mechanism that makes your own data more available might also make it easier for a criminal or hacker to target and steal.

Read More