The UK’s Online Safety Act: a breakdown of key changes
The UK’s long-awaited Online Safety Act has finally come into force, bringing with it a raft of new digital offences. We have written about the Act a few times in the past, so here is a quick rundown of what has changed now it has become law. Cyberflashing is outlawed According to research, 76% of…
UK Intelligence Agency Warns of Mounting AI Cyberthreat
Generative artificial intelligence-enabled ransomware and nation-state hacks in the United Kingdom are “almost certainly” likely to surge after this year, the National Cyber Security Center warned. And British lawmakers called on the government to roll out measures to prevent AI scams. In a report evaluating the cyber risk posed by artificial intelligence, the NCSC evaluated…
UK Privacy Watchdog Probes GenAI Privacy Concerns
The British data regulator is set to analyze the privacy implications of processing scrapped data used for training generative artificial intelligence algorithms. The Information Commissioners’ Office on Monday announced that it’s soliciting comments from AI developers, legal experts, and other industry stakeholders on how privacy rights might be affected by developments in generative AI. Since…
UK FCA Fines Equifax 11 Million Pounds for 2017 Data Breach
A British financial regulator fined American credit reporting agency Equifax 11 billion pounds for its role in one of the world’s largest data breaches. Chinese military hackers in 2017 exploited a vulnerability in Equifax’s online dispute portal to download the personal data of nearly 14 million residents of the United Kingdom as well as approximately…
UK Minister Sorry Over Afghan Interpreters’ Data Breach
A Defense Ministry email to more than 250 Afghans who are eligible for relocation and still remain in Afghanistan was mistakenly copied to all applicants Monday instead of blind copied. British media reports said the people whose email addresses were distributed included some individuals who are in hiding from the Taliban. “It is an unacceptable…
4 in 10 organizations punish staff for cybersecurity errors
New research has found that 42% of organizations are taking disciplinary action against staff who make cybersecurity errors. To examine the prevalence of punishment in businesses and the impact of this on staff, a team of researchers led by Dr John Blythe, Head of Behavioral Science at CybSafe, conducted a survey of cybersecurity awareness professionals…
IoT security: In 2020, action needs to match awareness
As the power of IoT devices increases, security has failed to follow suit. This is a direct result of the drive to the bottom for price of network enabling all devices. But small steps can greatly increase the overall security of IoT. A better IoT security story has to be one of the most urgent…
How employees and their organizations are prioritizing data privacy
Employees in the UK expressed greater understanding of privacy laws, and better training opportunities, than those in the U.S., the ObserveIT survey reveals. The survey polled 1,000 full-time employees in the United States and United Kingdom to determine their understanding of their organizations’ current privacy regulations. New policies and regulations dictating organizations’ handling of sensitive…
Data breach reports delayed as organizations struggle to achieve GDPR compliance
Businesses routinely delayed data breach disclosure and failed to provide important details to the ICO in the year prior to the GDPR’s enactment. On average, businesses waited three weeks after discovery to report a breach to the ICO, while the worst offending organization waited 142 days. The vast majority (91%) of reports to the ICO…
GDPR’s impact: The first six months
GDPR is now six months old – it’s time to take an assessment of the regulation’s impact so far. At first blush it would appear very little has changed. There are no well-publicized actions being taken against offenders. No large fines levied. So does this mean its yet another regulation that will be ignored? Actually…