GDPR isn't just standard data protection waffle

I know you’re probably tired of hearing about GDPR.

GDPR isn't just standard data protection waffle. It's a whole new way of approaching personal data. And it's obvious when an organisation hasn't even bothered to attempt to comply. It has to be stressed that the main threats to your business with regard to GDPR come not directly from the ICO but rather from employees and clients who will want assurance that you can properly demonstrate that you know what you're actually doing.

Do you have the policies and procedures in place for identifying and addressing the different lawful bases for processing data?

World's Most Valuable Company Capitalises on Privacy Panic

No doubt with the latest privacy scares in mind, but also to comply with the upcoming EU GDPR, Apple are implementing a large-scale overhaul of their privacy controls on all Apple devices from iOS 11.3 onwards (with over 1 billion iPhones sold and counting, that’s a LOT of devices).

Just for a start the Cupertino giant is:

1) Introducing new privacy icons that show up when Apple first asks to use your data.

2) Introducing four new tools that let you:
    a - Get a copy of your data
    b - Request a correction to your data
    c - Deactivate your account
    d - Delete your account

Facebook’s Data Breach – Why We Need Better Data Protection

You might have heard this week of the big news regarding Facebook’s major privacy problems. The personal data of at least 50 million Facebook users was practically given away to a shadowy data analytics firm known as Cambridge Analytica, now known for its devious methods to influence elections and carry out blackmail operations.

That may seem like a big deal, but let’s be honest, this kind of thing probably happens far more and on a much more regular basis than anyone would like to admit. I’m willing to bet that the vast majority of ad-based tech companies have APIs and business models that are ripe for systematic privacy violations.

Right to be Forgotten under the GDPR

The so-called right to be forgotten (RTBF) is probably one of the most actively debated aspects of the original proposal by the EU Commission for the General Data Protection Regulation.

Article 17(1) of the GDPR establishes that data subjects obtain the right to have their personal data erased if:

  • the data is no longer needed for its original purpose and no new lawful purpose exists;
  • the lawful basis for the processing is the data subject’s consent, the data subject withdraws that consent, and no other lawful ground exists;
  • the data subject exercises the right to object, and the controller has no overriding grounds for continuing the processing;
  • the data has been processed unlawfully; or
  • erasure is necessary for compliance with EU law or the national law of the relevant member state.

How to Forge a Cyber-Security Strategy for 2018

Intrusion Detection System
Much of having a strong information security plan depends on having the tools to detect breaches in the first place. Without the technical tools in place to realise you’re under attack, your business continuity planning and risk prevention might as well be pointless. Just to give you an example of the headaches this will cause in the future if not addressed: under the GDPR you’re obligated to put into place a comprehensive personal data breach notification system (to both the Information Commissioner’s Office and affected victims of personal data theft). However, this requirement can only be fulfilled if you have the means to detect that a breach has happened in the first place. The fines we’ve seen so far indicate that not being aware of breaches is actually a far bigger compliance hazard than the steps you need to take afterwards.
