Four differences between the GDPR and the CCPA
By passing the California Consumer Privacy Act (CCPA), which goes into effect on January 1, 2020, the Golden State is taking a major step in the protection of consumer data. The new law gives consumers insight into and control of their personal information collected online. This follows a growing number of privacy concerns around corporate…
GDPR’s impact: The first six months
GDPR is now six months old – it’s time to take an assessment of the regulation’s impact so far. At first blush it would appear very little has changed. There are no well-publicized actions being taken against offenders. No large fines levied. So does this mean its yet another regulation that will be ignored? Actually…
A law enforcement view of emerging cybercrime threats
Cybercriminals are adopting creative new techniques to target their victims at an unprecedented pace and are constantly seeking methods to avoid law enforcement detection. To stay ahead of them, law enforcement should target cybercriminals offering “off-the-shelf” cyber-attack services or products to make it more difficult for low-level cybercriminals to carry out high-level attacks. Europol’s fifth…
Phished credentials caused twice as many breaches than malware in the past year
Personal device use for remote work poses the biggest security risk to organisations safeguarding their increasingly mobile and cloud-based IT environment, according to a new survey of 100 UK-based senior IT security professionals. Conducted from March to May by Rant, the survey found 58 percent of respondents believe that network access from non-corporate and personally-owned…
Less than a third of companies have dedicated cybersecurity insurance
Only one third of senior executives in UK organisations admit their company insurance currently covers them for a security breach and for the financial impact of data loss, despite the fact that 81 percent agree that it is ‘vital’ their organisation is insured against information security breaches. This is according to the Risk:Value report from…
How to improve software vulnerability disclosure in Europe
As software gets embedded in more and more things we use every day, the problem of software vulnerability reporting and patching rises in importance. Unfortunately, only a few European countries have put vulnerability disclosure processes in place. CEPS, a think tank and forum for debate on EU affairs, has delved in the problematics, listened to…
Unrestricted access to systems and files exposes organizations to cybercrime
UK organisations are leaving themselves vulnerable to cybercrime with over a third of 18-24-year-olds able to access any files on their company network, and only one in five having to request permission to access specific files. Less than half (43%) are restricted to accessing only the files that are relevant to their work. This is…
With the GDPR, companies face new era of compliance and transparency
A new Avecto survey explored IT and security’s role in helping companies achieve compliance with the new guidelines for the collection and processing of personal information of individuals within the EU. 500 IT and cybersecurity professionals in the UK, North America, and Germany were included in the study to understand familiarity with the regulation, the…
Unsurprisingly, most won’t be ready for GDPR on 25th May
With less than a month until the GDPR comes into force, many companies will not be ready when it takes effect on May 25th, 2018. 62% of IT Decision Makers (ITDMs) surveyed describe themselves as ‘confident’ in the build-up, with 1 in 5 (18%) saying they are nervous, according to WinMagic. Only half (51%) of companies say they have…
GDPR: It’s an issue of transparency
The General Data Protection Regulation (GDPR) has been on the lips of security professionals for a long time now – but in just over a month, it will become a reality. While it is easy to get stuck with reviewing the potential fines or setting up efficient security procedures to ensure compliance, many are still…