Opinion

Opinion

IT legislation and regulation

• The ICO is right to push back against government meddling

  Some criticisms of the ICO are justified, but the answer to that is not to give Whitehall more oversight over the data protection regulator, argues legal expert Edward Machin  Continue Reading

• Watching me, watching you – challenging the rise of digital surveillance at work

  Unprecedented levels of digital monitoring at work is embedding a culture of surveillance, despite workers’ opposition to the practices, says Prospect Union  Continue Reading

• Encryption protects the marginalised – and it’s under threat

  Encryption keeps marginalised groups connected and safe, but new regulatory attempts to break it put them at risk  Continue Reading

• Security Think Tank: Responsible vulnerability disclosure is a joint effort

  By working hand-in-hand, developers and security researchers can both play a vital role in ensuring newly-discovered vulnerabilities are addressed appropriately, writes Paddy Francis of Airbus CyberSecurity  Continue Reading

• Invest in cyber security with confidence using a structured approach

  Cyber security has never been more challenging or important in rapidly changing business, regulatory, IT and threat environments. There is a need for a more structured approach to investment  Continue Reading

• Keeping the UK in the global race to adopt digital identity

  The UK government’s proposed digital ID trust framework is a step in the right direction, but more is needed to ensure the successful adoption of digital identity across the economy  Continue Reading

• ICO cookie consent: How will the plan affect businesses?

  A data privacy and compliance expert considers what the ICO’s proposals for an overhaul of cookie consent procedures could mean for businesses  Continue Reading

• Facial recognition cannot be a standalone authentication method

  As more organisations look to facial recognition to improve their digital identity practices, they must remember that it cannot stand in isolation  Continue Reading

• Managing cyber risk through integrated supply chains

  High-profile supply chain cyber attacks have caused huge disruption this year. PA Consulting’s Carl Nightingale considers key questions business leaders should be asking of their organisations  Continue Reading

• IR35 reforms: Tech firms warned off relying on high-risk compliance workarounds

  Several months have passed since the onset of the IR35 reforms in the private sector, but compliance with the rules remains an ongoing process, warns Brookson Legal’s Matt Fryer  Continue Reading

• Security Think Tank: Optimising privacy, post-GDPR

  Airbus CyberSecurity CTO Paddy Francis explores the impact of regulation on data protection, and how it has changed how one goes about optimising data privacy in the enterprise  Continue Reading

• Security Think Tank: A response to planned data protection changes

  The ISF’s Emma Bickerstaffe assesses how organisations might respond to proposed changes to the UK’s data protection regime  Continue Reading

• UK’s new data protection strategy risks costing business more than it gains

  The apparent business benefits of pursuing data adequacy agreements around the world may not be as enticing as they at first appear  Continue Reading

• Security Think Tank: Steps to a solid data privacy practice

  Petra Wenham of the BCS shares her expertise on building, or rebuilding, a solid business data privacy practice in a post-Covid-19 world  Continue Reading

• Basel III: How fintech can provide allocated gold for banks

  Banking rules that were over 10 years in the making as a response to the financial crisis have finally come into effect, marking a seismic shift for European banks and their dealings with gold – potentially completely altering the landscape of ...  Continue Reading

• The ransomware debate – to pay or not to pay?

  The debate around banning ransomware payments is highly nuanced, and we must take care to avoid overt victim-blaming, in favour of an open and honest approach, says SASIG’s Martin Smith  Continue Reading

• Security Think Tank: Data privacy and ethics in a post-Covid world

  The radical change caused by the pandemic requires new approaches to data privacy practice, says PA Consulting’s Daniel Gordon  Continue Reading

• Five tips to ensure your crisis comms plan is ready for a cyber attack

  Business leaders take note: standard crisis communications plans are inadequate if you have fallen victim to a cyber attack. HPL’s Ted Birkhahn shares five tips to make sure you are ready to face the public  Continue Reading

• Professionals need protection from the Computer Misuse Act

  The UK needs cyber legislation fit for the 21st century, so it is important for the industry to get behind the government’s proposed reform of the Computer Misuse Act  Continue Reading

• Are you betting your future on the worst gambling odds in the world?

  Gambling is a high-risk strategy. Doing nothing in the face of the threat from ransomware and hoping for the best provides some of the worst odds you will ever come across  Continue Reading

• Banking tech fraud: How to trace and recover your money

  Even when stolen assets are sent offshore, the special powers of the English civil court system mean all may not be lost  Continue Reading

• How CIOs can help their organisations accelerate digital transformation

  Companies need to win the trust of their customers to gather the data they need to transform their businesses  Continue Reading

• European ‘chat control’ plans in the name of ‘child safety’ threaten end-to-end encryption

  Proposals by European Commission to search for illegal material could mean the end of private messaging and emails  Continue Reading

• NHS Digital’s GP data-scraping plan must be publicised and delayed

  The UK government must launch a national awareness campaign and delay this month’s planned GP data slurp, say privacy consultants Ben Rapp and Sara Newman  Continue Reading

• Long-term thinking is vital to secure UK’s critical infrastructure

  To face down the threat of cyber warfare against UK CNI, the government needs long-term thinking that looks beyond the next general election cycle, says Advent-IM’s Mike Gillespie  Continue Reading

• Online Safety Bill: an opportunity for tech to get it right

  Long-awaited proposals for regulating internet companies still leave much to be defined – and the tech sector must take the lead in finalising a plan that works for society and government  Continue Reading

• Post Office scandal: The rise of computers and the decline of English justice

  The Post Office prosecuted its subpostmasters up and down the country with a zeal that would not have embarrassed the Inquisition  Continue Reading

• Why new EU rules around artificial intelligence are vital to the development of the sector

  Shawn Tan, CEO of global AI ecosystem builder Skymind, explains why the European Union’s new rules on artificial intelligence are a good thing  Continue Reading

• The shape of fraud and cyber crime: 10 things we learned from 2020

  While a pandemic-driven increase in cyber crime and an exacerbation of existing fraud trends were, to a large extent, to be expected, the LexisNexis Risk solutions UK cybercrime report 2020 still contained a few surprises  Continue Reading

• IR35 private sector reforms: What firms need to do now the start date has passed

  While the start date for the onset of the IR35 private sector reforms may have passed, firms in-scope of the revamped tax avoidance legislation may find themselves still with plenty of compliance work still to do  Continue Reading

• Why we need to reset the debate on end-to-end encryption to protect children

  Private messaging is the front line of abuse, yet E2EE in its current form risks engineering away the ability of firms to detect and disrupt it where it is most prevalent  Continue Reading

• Security Think Tank: Security culture must underpin vaccine passports

  What are the security challenges presented by vaccine passports, and how should they be designed and used with ethics and privacy in mind?  Continue Reading

• Security Think Tank: ‘Legitimate interest’ crucial for vaccine passports

  What are the security issues and challenges presented by vaccine passports, and how should they be designed and used with ethics and privacy in mind?  Continue Reading

• Security Think Tank: Vaccine passports must be secure by design

  What are the security issues and challenges presented by vaccine passports, and how should they be designed and used with ethics and privacy in mind?  Continue Reading

• Security Think Tank: Vaccine passports cannot be taken lightly

  What are the security issues and challenges presented by vaccine passports, and how should they be designed and used with ethics and privacy in mind?  Continue Reading

• What has a year of home working meant for the DPO?

  Byron Shirley of The Compliance Space explores how the role of the data protection officer has changed in the past 12 months  Continue Reading

• Security Think Tank: US security efforts may centre on collaboration

  As US president Joe Biden sets out his agenda for the next four years, we consider the opportunities for renewed international collaboration on cyber security, what aspects of cyber Biden should focus on, and ask how the industry can make its voice ...  Continue Reading

• Vaccine passports highlight social impact of systems design

  Vaccine or immunity passports are an opportunity to advance the design of trustworthy digital systems, but much more work still needs to be done  Continue Reading

• Security Think Tank: Towards a united state of security

  As US president Joe Biden sets out his agenda for the next four years, we consider the opportunities for renewed international collaboration on cyber security, what aspects of cyber Biden should focus on, and ask how the industry can make its voice ...  Continue Reading

• Security Think Tank: Renewed US stability may ease cyber tensions

  As US president Joe Biden sets out his agenda for the next four years, we consider the opportunities for renewed international collaboration on cyber security, what aspects of cyber Biden should focus on, and ask how the industry can make its voice ...  Continue Reading

• Security Think Tank: Biden must address insider security threat first

  As US president Joe Biden sets out his agenda for the next four years, we consider the opportunities for renewed international collaboration on cyber security, what aspects of cyber Biden should focus on, and ask how the industry can make its voice ...  Continue Reading

• Security Think Tank: Biden’s team can make a difference on security

  As US president Joe Biden sets out his agenda for the next four years, we consider the opportunities for renewed international collaboration on cyber security, what aspects of cyber Biden should focus on, and ask how the industry can make its voice ...  Continue Reading

• Security Think Tank: UK well-placed to work with Biden on cyber

  As US president Joe Biden sets out his agenda for the next four years, we consider the opportunities for renewed international collaboration on cyber security, what aspects of cyber Biden should focus on, and ask how the industry can make its voice ...  Continue Reading

• Security Think Tank: Biden has a chance to renew cyber alliances

  As President Joe Biden sets out his agenda for the next four years, we consider the opportunities for renewed international collaboration on cyber security, what aspects of cyber Biden should focus on, and ask how the industry can make its voice ...  Continue Reading

• Could ambiguous rules spur IT personnel offshoring bonanza?

  Could the combination of Brexit and ambiguous rules on recruitment enable businesses to hire IT staff from overseas to carry out work remotely?  Continue Reading

• UK government needs a digital reboot

  The appointment of new digital leadership is a welcome start to what – if the UK is to thrive in a post-Covid, post-Brexit world – must become a wholesale reboot of digital government  Continue Reading

• What does Brexit mean for the future of UK digital policy? A view from Europe

  Any decisions by the UK government to diverge from EU policies and values over digital policy and regulation could cause real economic problems for UK businesses  Continue Reading

• Why Jack Ma might be too good a tech entrepreneur for China's leaders

  Tech pioneer Jack Ma is facing new regulatory pressure from the Chinese authorities – is this some ideological spat, or simply that he's too good at what he does compared to the state-owned financial system?  Continue Reading

• It’s time to accept that disinformation is a cyber security issue

  Tackling the manipulation of truth and facts is no easy task, and it’s time for the cyber security sector to take up the challenge  Continue Reading

• Why our online harms laws will be good for tech

  The UK's minister for digital infrastructure explains the government's thinking behind its proposals to regulate internet companies such as Facebook, Google and others  Continue Reading

• Brexit and risks to data privacy and governance

  EY privacy specialists assess the risks to data privacy, protection and governance on the table for businesses, with less than two months until Brexit  Continue Reading

• How to write an executive CV for IT leadership jobs

  Knowing how to write an IT executive CV requires a deep knowledge and skillset that not everyone has. Find out how to set yourself apart from the competition  Continue Reading

• The Google antitrust case is more about politics than economics

  It’s not entirely clear what economic reasons led the US government to try to tackle Google’s search monopoly, which suggests it is mostly about politics  Continue Reading

• Security Think Tank: Essential tools to mitigate data loss and identity theft

  The threat of identity theft via a data breach is heightened with the rise of attacks where ransomware threat actors both encrypt and ransom, and exfiltrate and leak their victims’ data. How does this evolution in cybercrime heighten risk for the ...  Continue Reading

• Lapsing ISO certifications: Myth versus risk

  Allowing ISO certifications to lapse presents businesses with serious risks when workarounds are possible  Continue Reading

• The privacy and compliance challenges organisations face in 2021

  Privacy and compliance teams have a lot on their plate as 2021 approaches. What are the key issues to consider?  Continue Reading

• Gartner: Balance safety, privacy and productivity when employees return to the workplace

  Organisations may decide that data collection can help keep employees safe in a Covid-secure workplace – but employers must consider all the privacy and productivity implications  Continue Reading

• What are the latest GDPR security breach enforcement trends?

  A cyber breach specialist from Fieldfisher runs the rule over the latest trends in cyber security, data protection and GDPR  Continue Reading

• The countdown is on for TikTok after Schrems II

  Given the US’ threatened actions against TikTok and the outcome of Schrems II, it is clear that the spotlight is now firmly on international data transfers  Continue Reading

• How the chancellor’s Plan for Jobs could benefit the UK tech sector

  Technology has a strong role to play in the UK’s recovery, with Rishi Sunak’s Plan for Jobs offering opportunities for the sector  Continue Reading

• How Schrems II will impact data sharing between the UK and the US

  At the end of this year, the UK will no longer be subject to the EU’s treaties, opening the way for it and the US to finalise a new trade relationship. Could the UK leave EU data protection standards behind?  Continue Reading

• Security Think Tank: Container security is evolving, so must CISOs

  Adopting containers promises great organisational efficiency advantages, but the fast-evolving technology can be problematic for security teams. What do CISOs need to know to safeguard containers?  Continue Reading

• Why trust is the new currency

  Businesses need to engender trust with customers amid the complexity of digital transactions involving multiple third parties, even as consumers are not fully cognizant of the importance of data privacy  Continue Reading

• Four risks to data privacy and governance amid Covid-19

  EY privacy experts assess some of the novel risks to data privacy, protection and governance during the Covid-19 coronavirus pandemic  Continue Reading

• A legal perspective on data breaches and home working

  Legal experts from Fieldfisher share guidance on how to deal with cyber attacks during the coronavirus crisis, and what the ICO expects in terms of notification  Continue Reading

• Coronavirus and privacy – finding the middle ground

  Data collection has a role to play in fighting the deadly Covid-19 coronavirus outbreak, but governments need to be accountable for how it is used  Continue Reading

• Security Think Tank: Coronavirus crisis helps put security in context

  In our globalised world, high-profile events such as Covid-19 have huge business impacts, some of which may be felt by CISOs. What responsibilities do security professionals have in such circumstances?  Continue Reading

• EC publishes approach to human and ethical implications of AI, but what will UK do?

  The European Commission has published a guide to the EU’s approach to the human and ethical effects that artificial intelligence might bring  Continue Reading

• Why ‘no breach’ is bad news for your compliance

  You might think it’s a good thing if your organisation has a clean record when it comes to data breaches, but this is not necessarily the case  Continue Reading

• Is the EU better equipped than the US to supervise the use of facial recognition?

  Clearview AI can be an indispensable tool to reinforce national security, but there are many risks associated with the use of facial recognition technology that the EU might be better equipped to deal with than the US  Continue Reading

• The greatest contest ever – privacy versus security

  Examining the technical, legal and ethical challenges around the privacy versus security debate  Continue Reading

• The fight against cyber crime: Why cooperation matters

  With the WEF’s Global Risk Report 2019 ranking cyber attack in the top five global risks, we now see rising consensus at institutional level that no individual stakeholder can address the breadth of security challenges we face today  Continue Reading

• Could regulation kill Facebook completely?

  Social media companies are under financial pressure, as costs increase faster than revenues due to growing concerns about the price of regulatory intervention  Continue Reading

• Learning from the Travelex cyber attack: Failing to prepare is preparing to fail

  The key lesson to take from the Travelex breach is that an effective response to a breach is a critical business function and no longer the sole province of the IT department  Continue Reading

• How can we tell if regulating Google and Facebook is the right thing to do?

  There are different economic approaches to dealing with monopolies and market dominance, but the nature of Google and Facebook defies easy answers  Continue Reading

• Top tips for avoiding and dealing with data breaches

  Been hacked, lost a laptop or sent an email to the wrong address? Do you need to notify anyone and what should you do? Find out in this simple guide  Continue Reading

• Conservative Party: Fostering an environment for IT and digital to flourish

  Matt Warman, Conservative MP and minister for digital and broadband, outlines the Tory policies for technology and digital ahead of the General Election  Continue Reading

• Liberal Democrats: We want to lead the world in ethical, inclusive technology

  Layla Moran, Liberal Democrat MP and party spokesperson for digital, culture, media and sport, writes about the party's technology policies ahead of the upcoming General Election  Continue Reading

• Who has legal jurisdiction over the internet?

  The internet is testing the scope of national laws – and even the European Court of Justice is finding it hard to find a consistent line on its decisions  Continue Reading

• Security Think Tank: The operational approach to integrated risk management

  How can security professionals help their organisations move from traditional governance, risk and compliance to integrated risk management that integrates risk activities from across an organisation to enable better strategic decision-making?  Continue Reading

• Regulators globally are shaping up to rein in Facebook

  We need to move fast and fix Facebook, before it breaks us  Continue Reading

• UK businesses deserve a 5G networked nation

  The tech sector needs to coalesce around a unified, positive vision of 5G to establish a proper business case for ultrafast, low latency mobile  Continue Reading

• Security Think Tank: Engage business to address commercial risk

  What strategies can infosec pros use to shift focus from GDPR fines to enabling business gains and success, changing the way data is used, and aligning data privacy with business purpose?  Continue Reading

• Security Think Tank: Translating GDPR compliance into business benefits

  What strategies can information security professionals use to shift focus from General Data Protection Regulation fines to enabling business gains and success, changing the way data is used, and aligning data privacy with business purpose?  Continue Reading

• Security Think Tank: Aligning data privacy with business objectives

  What strategies can infosec pros use to shift focus from GDPR fines to enabling business gains and success, changing the way data is used, and aligning data privacy with business purpose?  Continue Reading

• Security Think Tank: Don’t dismiss the business benefits of GDPR

  What strategies can infosec pros use to shift focus from GDPR fines to enabling business gains and success, changing the way data is used, and aligning data privacy with business purpose?  Continue Reading

• Security Think Tank: Align compliance objectives with business goals

  What strategies can information security professionals use to shift focus from GDPR fines to enabling business gains and success, changing the way data is used, and aligning data privacy with business purpose?  Continue Reading

• Security Think Tank: Changing the GDPR focus to business benefit

  What strategies can information security professionals use to shift focus from General Data Protection Regulation fines to enabling business gains and success, changing the way data is used, and aligning data privacy with business purpose?  Continue Reading

• Britain’s 5G roll-out – What is plan B?

  The government has ambitious aspirations in respect of Britain’s full-fibre and 5G networks. But among all the Brexit fog, has it managed to shoot itself in the foot with the roll-out of 5G mobile?  Continue Reading

• Security Think Tank: Benefits of GDPR compliance

  What strategies can information security professionals use to shift focus from General Data Protection Regulation fines to enabling business gains and success, changing the way data is used, and aligning data privacy with business purpose?  Continue Reading

• Security Think Tank: Embrace data protection as a necessary business process

  What strategies can information security professionals use to shift focus from GDPR fines to enabling business gains and success, changing the way data is used, and aligning data privacy with business purpose?  Continue Reading

• Is GDPR worth the cost?

  Regulations have costs, which are meant to be recouped by the expected benefits. But who decides whether this is a good deal? Ultimately, it’s you  Continue Reading

• Are there any positives from the first year of GDPR?

  A year has passed since the new EU data protection law came into force. What have we learned in that time that can help organisations deliver benefits from the regulation?  Continue Reading

• The dominance of big tech might not always be such a bad thing

  Governments increasingly talk about regulating big tech to preserve competition, but an alternative view says that big tech only exists because there is already sufficient competition in the market  Continue Reading

• Goliath vs Goliath and the complexities of 5G intellectual property

  Is Apple the good guy or the bad guy? It has violated patents and had its wrist slapped by the courts (bad), yet its products are still available for adoring fans to buy (good)  Continue Reading

• Should we be worried that half of UK organisations don’t have a policy for the safe use of AI?

  As artificial intelligence becomes more mainstream, business leaders must be aware of the risks and make sure their firms do not build bias into AI algorithms  Continue Reading

• What are the options for regulating internet companies?

  The UK – and other countries – are likely to introduce new regulations for internet and tech companies like Facebook and Google. We consider what sort of rules they might introduce  Continue Reading

• Facebook’s high-stakes privacy gamble goes to Dublin court

  A high-wire gamble with billions in compensation at stake for European internet users – part of a complex case between Facebook and the Irish information commissioner – hides challenge to the unlawfulness of US state internet surveillance  Continue Reading

• Feudal Lords and anarchic allies – the new models for software collaboration

  Software developers often take an unconventional view of contracts for the work they undertake, which can come back and bite them  Continue Reading

• Brexit and digital identity – avoiding future restrictions on digital trade

  The UK has been a major contributor to European efforts to establish cross-border digital identities. Governments need to ensure that Brexit does not introduce unwanted restrictions that harm digital trade  Continue Reading