Opinion
Opinion
Privacy and data protection
-
Security Think Tank: Managing data securely throughout its lifecycle
Managing data in a secure manner is key to ensuring its integrity and therefore its value to the organisation, as well as reducing risk from breaches and misinformation Continue Reading
-
How the cyber security market is evolving
The cyber security market has gained even greater importance in the post-Covid era and continues to grow and evolve. But what factors are driving trends in that market and what should your organisation consider when making cyber security investments? Continue Reading
-
Security Think Tank: Steps to a solid data privacy practice
Petra Wenham of the BCS shares her expertise on building, or rebuilding, a solid business data privacy practice in a post-Covid-19 world Continue Reading
-
Security Think Tank: Data privacy not in isolation, but on a spectrum
The gap between data privacy and data governance is narrowing, and security leaders need to be aware of the implications, says KuppingerCole’s Anne Bailey Continue Reading
-
Security Think Tank: Data privacy and ethics in a post-Covid world
The radical change caused by the pandemic requires new approaches to data privacy practice, says PA Consulting’s Daniel Gordon Continue Reading
-
Five tips to ensure your crisis comms plan is ready for a cyber attack
Business leaders take note: standard crisis communications plans are inadequate if you have fallen victim to a cyber attack. HPL’s Ted Birkhahn shares five tips to make sure you are ready to face the public Continue Reading
-
Security Think Tank: Consider cyber policies and procedures as you welcome employees back
With Covid-19 restrictions easing, offices are welcoming back remote workers this summer, bringing with them their notebooks and mobiles, and creating an endpoint management headache for CISOs. What do security teams need to account for to protect ... Continue Reading
-
Government-led innovation can help cyber startups find a market
There are many reasons why early-stage cyber startups often struggle to get off the ground, but government-backed programmes can help them find a path Continue Reading
-
Sparsely staffed offices: the new post-pandemic cyber gap
With many offices still operating at limited capacity, a red teaming expert reveals how his job is getting easier, and why this is a problem Continue Reading
-
The Secret IR Insider’s Diary: It’s all gone quie...
The ‘Q’ word isn’t one that’s really used in incident response, says the Secret IR Insider, largely because as soon as you use it, something happens Continue Reading
-
Security Think Tank: A return to the office is not a return to normal
With Covid-19 restrictions easing, offices are welcoming back remote workers this summer, bringing with them their notebooks and mobiles, and creating an endpoint management headache for CISOs. What do security teams need to account for to protect ... Continue Reading
-
Professionals need protection from the Computer Misuse Act
The UK needs cyber legislation fit for the 21st century, so it is important for the industry to get behind the government’s proposed reform of the Computer Misuse Act Continue Reading
-
Why identity is the central problem for the future of the internet
As debate rages over who has the right to control user identities online, is the concept of decentralised identity about to have its day? Continue Reading
-
UK data exchanges with EU can continue after adequacy decision - but for how long?
For now European businesses can continue to send data to the UK without additional safeguards and paperwork. How long will it last? Continue Reading
-
Banking tech fraud: How to trace and recover your money
Even when stolen assets are sent offshore, the special powers of the English civil court system mean all may not be lost Continue Reading
-
How CIOs can help their organisations accelerate digital transformation
Companies need to win the trust of their customers to gather the data they need to transform their businesses Continue Reading
-
European ‘chat control’ plans in the name of ‘child safety’ threaten end-to-end encryption
Proposals by European Commission to search for illegal material could mean the end of private messaging and emails Continue Reading
-
Security Think Tank: What must a secure print strategy take into account?
Though rarely discussed in a cyber context, the prevalence of connected printers and MFPs poses security risks both technological and physical. What does a print security strategy need to take into account? Continue Reading
-
NHS Digital’s GP data-scraping plan must be publicised and delayed
The UK government must launch a national awareness campaign and delay this month’s planned GP data slurp, say privacy consultants Ben Rapp and Sara Newman Continue Reading
-
Security Think Tank: Printers can’t be an ‘add-on’ in your cyber strategy
Though rarely discussed in a cyber context, the prevalence of connected printers and MFPs does pose security risks both technological and physical. What does a print security strategy need to take into account? Continue Reading
-
Security Think Tank: Steps to a coherent print security strategy
Though rarely discussed in a cyber context, the prevalence of connected printers and MFPs poses security risks both technological and physical. What does a print security strategy need to take into account? Continue Reading
-
Security Think Tank: Printer risks go deep into IT history
Though rarely discussed in a cyber context, the prevalence of connected printers and MFPs does pose security risks both technological and physical. What does a print security strategy need to take into account? Continue Reading
-
The shape of fraud and cyber crime: 10 things we learned from 2020
While a pandemic-driven increase in cyber crime and an exacerbation of existing fraud trends were, to a large extent, to be expected, the LexisNexis Risk solutions UK cybercrime report 2020 still contained a few surprises Continue Reading
-
The case for vaccine passports: the real world versus the digital world
What are the security issues challenges presented by vaccine passports, and how should they be designed and used with ethics and privacy in mind? Continue Reading
-
Why we need to reset the debate on end-to-end encryption to protect children
Private messaging is the front line of abuse, yet E2EE in its current form risks engineering away the ability of firms to detect and disrupt it where it is most prevalent Continue Reading
-
Security Think Tank: Security culture must underpin vaccine passports
What are the security challenges presented by vaccine passports, and how should they be designed and used with ethics and privacy in mind? Continue Reading
-
Security Think Tank: ‘Legitimate interest’ crucial for vaccine passports
What are the security issues and challenges presented by vaccine passports, and how should they be designed and used with ethics and privacy in mind? Continue Reading
-
Security Think Tank: Vaccine passports must be secure by design
What are the security issues and challenges presented by vaccine passports, and how should they be designed and used with ethics and privacy in mind? Continue Reading
-
Security Think Tank: Vaccine passports cannot be taken lightly
What are the security issues and challenges presented by vaccine passports, and how should they be designed and used with ethics and privacy in mind? Continue Reading
-
What has a year of home working meant for the DPO?
Byron Shirley of The Compliance Space explores how the role of the data protection officer has changed in the past 12 months Continue Reading
-
Security Think Tank: Evolving threats, tech, leaves CNI exposed
In light of increasing cyber attacks on critical national infrastructure, what are the immediate risks to industrial control systems and other operational technology, and what steps can be taken to address them? Continue Reading
-
Employees must be given the right to disconnect
As enterprises increasingly turn to workplace monitoring technologies and more of the workforce moves to remote or hybrid working, unions are campaigning for workers’ ‘right to disconnect’ and not engage in digitally enabled work after hours Continue Reading
-
Security Think Tank: Attacks on CNI – an evolving frontier in warfare
In the light of increasing cyber attacks on critical national infrastructure, what are the immediate risks to industrial control systems and other operational technology, and what steps can be taken to address them? Continue Reading
-
Security Think Tank: Properly protecting CNI demands specificity
In the light of increasing cyber attacks on critical national infrastructure, what are the immediate risks to industrial control systems and other operational technology, and what steps can be taken to address them? Continue Reading
-
Security Think Tank: CNI operators must focus on core issues
In the light of increasing cyber attacks on critical national infrastructure, what are the immediate risks to industrial control systems and other operational technology, and what steps can be taken to address them? Continue Reading
-
EncroChat ruling has ‘far-reaching effects’ for legal role of interception in UK investigations
The computer forensic experts involved in the review of police use of data hacked from the ultra-secure EncroChat phone network assess the impact of the Appeal Court ruling on future legal use of intercept evidence Continue Reading
-
Why the London Data Charter could be a foundation stone in the city’s recovery
London First’s director of connectivity and competitiveness, David Lutton, explains why data is at the core of the capital’s recovery plan Continue Reading
-
Vaccine passports highlight social impact of systems design
Vaccine or immunity passports are an opportunity to advance the design of trustworthy digital systems, but much more work still needs to be done Continue Reading
-
Security Think Tank: Renewed US stability may ease cyber tensions
As US president Joe Biden sets out his agenda for the next four years, we consider the opportunities for renewed international collaboration on cyber security, what aspects of cyber Biden should focus on, and ask how the industry can make its voice ... Continue Reading
-
Security Think Tank: Biden must address insider security threat first
As US president Joe Biden sets out his agenda for the next four years, we consider the opportunities for renewed international collaboration on cyber security, what aspects of cyber Biden should focus on, and ask how the industry can make its voice ... Continue Reading
-
Security Think Tank: Biden’s team can make a difference on security
As US president Joe Biden sets out his agenda for the next four years, we consider the opportunities for renewed international collaboration on cyber security, what aspects of cyber Biden should focus on, and ask how the industry can make its voice ... Continue Reading
-
Security Think Tank: UK well-placed to work with Biden on cyber
As US president Joe Biden sets out his agenda for the next four years, we consider the opportunities for renewed international collaboration on cyber security, what aspects of cyber Biden should focus on, and ask how the industry can make its voice ... Continue Reading
-
Security Think Tank: Biden has a chance to renew cyber alliances
As President Joe Biden sets out his agenda for the next four years, we consider the opportunities for renewed international collaboration on cyber security, what aspects of cyber Biden should focus on, and ask how the industry can make its voice ... Continue Reading
-
The ransomware routine: pages from the Secret IR Insider’s diary
The Secret Incident Response Insider shares behind-the-scenes stories of what really happens after organisations are hit by cyber attacks – and shows how they could have been avoided Continue Reading
-
Security Think Tank: In 2021, enable, empower and entrust your users
After a year of unprecedented disruption thanks to Covid-19, it looks like remote working is set to remain with us for now, which means security strategies will change in 2021. What will this change look like, and what tools and services will be ... Continue Reading
-
Security Think Tank: Plan for hybrid working to become normal
After a year of unprecedented disruption thanks to Covid-19, it looks like remote working is set to remain with us for now, which means security strategies will change in 2021. What will this change look like, and what tools and services will be ... Continue Reading
-
Security Think Tank: Time for security teams to learn from Covid
After a year of unprecedented disruption thanks to Covid-19, it looks like remote working is set to remain with us for now, which means security strategies will change in 2021. What will this change look like, and what tools and services will be ... Continue Reading
-
Security Think Tank: Don’t bet on a new normal just yet
After a year of unprecedented disruption thanks to Covid-19, it looks like remote working is set to remain with us for now, which means security strategies will change in 2021. What will this change look like, and what tools and services will be ... Continue Reading
-
Security Think Tank: Cyber effectiveness, efficiency key in 2021
After a year of unprecedented disruption thanks to Covid-19, it looks like remote working is set to remain with us for now, which means security strategies will change in 2021. What will this change look like, and what tools and services will be ... Continue Reading
-
How to manage non-human identities
Identity management has traditionally focused on human identities, but non-human identities are proliferating and must not be overlooked. Businesses can reduce risk by managing both types of identity in the same way using a services-based approach Continue Reading
-
It’s time to accept that disinformation is a cyber security issue
Tackling the manipulation of truth and facts is no easy task, and it’s time for the cyber security sector to take up the challenge Continue Reading
-
Negotiating the complexities of international transfers of personal data
How to navigate international data transfers, standard contractual clauses and the impact of Brexit on data protection Continue Reading
-
From front line to back office – how supporting the cyber community keeps the NHS safe
NHS Digital’s chief information security officer describes how the Cyber Associates Network benefits security experts in health and care Continue Reading
-
Brexit and risks to data privacy and governance
EY privacy specialists assess the risks to data privacy, protection and governance on the table for businesses, with less than two months until Brexit Continue Reading
-
Security Think Tank: Essential tools to mitigate double extortion attacks
The threat of identity theft via a data breach is heightened with the rise of attacks where ransomware threat actors both encrypt and ransom, and exfiltrate and leak their victims’ data. How does this evolution in cyber crime heighten risk for the ... Continue Reading
-
Security Think Tank: Safeguarding PII in the current threat landscape
The threat of identity theft via a data breach is heightened with the rise of attacks where ransomware threat actors both encrypt and ransom, and exfiltrate and leak their victims’ data. How does this evolution in cybercrime heighten risk for the ... Continue Reading
-
Security Think Tank: Essential tools to mitigate data loss and identity theft
The threat of identity theft via a data breach is heightened with the rise of attacks where ransomware threat actors both encrypt and ransom, and exfiltrate and leak their victims’ data. How does this evolution in cybercrime heighten risk for the ... Continue Reading
-
Security Think Tank: Adapting defences to evolving ransomware and cyber crime
The threat of identity theft via a data breach is heightened with the rise of attacks where ransomware threat actors both encrypt and ransom, and exfiltrate and leak their victims’ data. How does this evolution in cyber crime heighten risk for the ... Continue Reading
-
Security Think Tank: What you need to know about addressing the doxing threat
The threat of identity theft via a data breach is heightened with the rise of attacks where ransomware threat actors both encrypt and ransom, and exfiltrate and leak their victims’ data. How does this evolution in cybercrime heighten risk for the ... Continue Reading
-
Security Think Tank: Tighten data and access controls to stop identity theft
The threat of identity theft via a data breach is heightened with the rise of attacks where ransomware threat actors both encrypt and ransom, and exfiltrate and leak their victims’ data. How does this evolution in cyber crime heighten risk for the ... Continue Reading
-
The privacy and compliance challenges organisations face in 2021
Privacy and compliance teams have a lot on their plate as 2021 approaches. What are the key issues to consider? Continue Reading
-
Gartner: Balance safety, privacy and productivity when employees return to the workplace
Organisations may decide that data collection can help keep employees safe in a Covid-secure workplace – but employers must consider all the privacy and productivity implications Continue Reading
-
Security Think Tank: Edge security in the world of Covid-19
That datacentre security is a complex subject is not in doubt and, given the trend to move beyond centralised datacentre to distributed environments, this is not going to change. How can security professionals ensure such setups are just as secure ... Continue Reading
-
Security Think Tank: No secret sauce for edge security, just good practice
That datacentre security is a complex subject is not in doubt, and given the trend to move beyond centralised datacentres to distributed environments, this is not going to change. How can security professionals ensure such setups are just as secure ... Continue Reading
-
What are the latest GDPR security breach enforcement trends?
A cyber breach specialist from Fieldfisher runs the rule over the latest trends in cyber security, data protection and GDPR Continue Reading
-
Why data exports from the EU will be challenging without Privacy Shield
Organisations exporting data to the US under Privacy Shield or overseas generally, whether under standard contractual clauses or binding corporate rules, need to urgently review the legal basis of these transfers Continue Reading
-
Don’t believe the hype: AI is no silver bullet
We want to believe AI will revolutionise cyber security, and we’re not necessarily wrong, but it’s time for a reality check Continue Reading
-
The countdown is on for TikTok after Schrems II
Given the US’ threatened actions against TikTok and the outcome of Schrems II, it is clear that the spotlight is now firmly on international data transfers Continue Reading
-
Taking back control of government data mustn’t leave the public in the dark
Boris Johnson has quietly transferred control over government data to Number 10, without explaining why. The public deserves more involvement in how their personal data is being used, says Labour Continue Reading
-
How Schrems II will impact data sharing between the UK and the US
At the end of this year, the UK will no longer be subject to the EU’s treaties, opening the way for it and the US to finalise a new trade relationship. Could the UK leave EU data protection standards behind? Continue Reading
-
11 obscure questions, Facebook, Max Schrems and the European Court of Justice
Eleven obscure questions will be the first step towards explaining why we in the UK and Europe have experienced 13 years of what has been described as ‘mass and indiscriminate surveillance’ by the US Continue Reading
-
Security Think Tank: AI in cyber needs complex cost/benefit analysis
AI and machine learning techniques are said to hold great promise in security, enabling organisations to operate a IT predictive security stance and automate reactive measures when needed. Is this perception accurate, or is the importance of ... Continue Reading
-
Security Think Tank: Ignore AI overheads at your peril
Artificial intelligence and machine learning techniques are said to hold great promise in security, enabling organisations to operate an IT predictive security stance and automate reactive measures when needed. Is this perception accurate, or is the... Continue Reading
-
The pandemic has made UK government rethink its relationship with data
Data has been essential to fighting the coronavirus outbreak, and the forthcoming National Data Strategy promises to place data at the heart of the UK's economic recovery Continue Reading
-
CCPA enforcement has begun: Here’s what to expect
The US’s California Consumer Privacy Act came into force in January this year, but enforcement against technology companies did not begin until this month Continue Reading
-
Security Think Tank: Balancing human oversight with AI autonomy
Artificial intelligence and machine learning techniques are said to hold great promise in security, enabling organisations to operate an IT predictive security stance and automate reactive measures when needed. Is this perception accurate, or is the... Continue Reading
-
Why UK needs independent oversight body for contact-tracing app
The public needs and deserves clarity, and not just assurances, over the UK’s Covid-19 contact-tracing app Continue Reading
-
Security Think Tank: Container security starts with good DevOps practice
Adopting containers promises great organisational efficiency advantages, but the fast-evolving technology can be problematic for security teams. What do CISOs need to know to safeguard containers? Continue Reading
-
Why trust is the new currency
Businesses need to engender trust with customers amid the complexity of digital transactions involving multiple third parties, even as consumers are not fully cognizant of the importance of data privacy Continue Reading
-
The impact of spycraft on how we secure our data
The history of cyber security owes much to the world of espionage, as a recent, pre-lockdown Science Museum exhibition showed Continue Reading
-
How effective security training goes deeper than ‘awareness’
Cyber criminals are constantly developing their techniques and strategies, so security training needs to do the same Continue Reading
-
Security Think Tank: Security teams are key workers and need support
Cyber criminals are enjoying a boom during the Covid-19 pandemic, and security teams are working overtime as a result. How can security pros manage their increased workload, safeguard their mental wellbeing, and avoid burnout? Continue Reading
-
Four risks to data privacy and governance amid Covid-19
EY privacy experts assess some of the novel risks to data privacy, protection and governance during the Covid-19 coronavirus pandemic Continue Reading
-
Why you should think before you Zoom
Feel free to use Zoom during the coronavirus lockdown, but think before you discuss anything confidential Continue Reading
-
Technology has brought us together, but can it lead us out of lockdown?
The government needs to tell us more about the NHSX contact tracing app - choices made now around privacy and transparency will affect all our lives as we aim to ease lockdown, says the shadow digital minister Continue Reading
-
A legal perspective on data breaches and home working
Legal experts from Fieldfisher share guidance on how to deal with cyber attacks during the coronavirus crisis, and what the ICO expects in terms of notification Continue Reading
-
Security Think Tank: Why and how cyber criminals exploit world events
In our globalised world, high-profile events such as Covid-19 have huge business impacts, some of which may be felt by CISOs. What responsibilities do security professionals have in such circumstances? Continue Reading
-
Coronavirus: What does the ‘new normal’ mean for how we work?
Examining the long-term impact of the Covid-19 coronavirus pandemic on the world of work, security, privacy and networks Continue Reading
-
JavaScript skimmers: An evolving and dangerous threat
Cyber attacks exploiting Magecart JavaScript skimmers are spiking during the coronavirus pandemic, and like biological viruses, they just keep evolving Continue Reading
-
Coronavirus and privacy – finding the middle ground
Data collection has a role to play in fighting the deadly Covid-19 coronavirus outbreak, but governments need to be accountable for how it is used Continue Reading
-
Why zero trust may not be all it’s cracked up to be
While they are discussed ad nauseam in the security industry, zero-trust architectures may not be all they’re cracked up to be, according to analyst Sam Bocetta Continue Reading
-
Security Think Tank: Amid panic, how to find a sound level of security
In our globalised world, high-profile events such as Covid-19 have huge business impacts, some of which may be felt by CISOs. What responsibilities do security professionals have in such circumstances? Continue Reading
-
Security Think Tank: To tackle Covid-19, be prepared, flexible and resilient
In our globalised world, high-profile events such as Covid-19 have huge business impacts, some of which may be felt by CISOs. What responsibilities do security professionals have in such circumstances? Continue Reading
-
Security Think Tank: A guide to security best practice for pandemics
In our globalised world, high-profile events such as Covid-19 have huge business impacts, some of which may be felt by CISOs. What responsibilities do security professionals have in such circumstances? Continue Reading
-
Security Think Tank: Coronavirus crisis helps put security in context
In our globalised world, high-profile events such as Covid-19 have huge business impacts, some of which may be felt by CISOs. What responsibilities do security professionals have in such circumstances? Continue Reading
-
Don’t forget to consider GDPR when using artificial intelligence in the workplace
While references to artificial intelligence in the workplace may conjure up images of future-gazing movies, the use of AI and people analytics by employers is already present at all stages of the employment lifecycle Continue Reading
-
Why ‘no breach’ is bad news for your compliance
You might think it’s a good thing if your organisation has a clean record when it comes to data breaches, but this is not necessarily the case Continue Reading
-
Is the EU better equipped than the US to supervise the use of facial recognition?
Clearview AI can be an indispensable tool to reinforce national security, but there are many risks associated with the use of facial recognition technology that the EU might be better equipped to deal with than the US Continue Reading
-
The greatest contest ever – privacy versus security
Examining the technical, legal and ethical challenges around the privacy versus security debate Continue Reading
-
Addressing the IoT security challenge
We consider how best to address some of the critical security challenges around the internet of things Continue Reading