What it Takes to Be Your Organisation’s DPO or Data Privacy Lead
Data Protection – IT Governance Blog
by IT Governance Consultant
4M ago
‘GDPR’ has become a familiar term. We recognise the visible and consumer-facing aspects of it in our everyday lives. As privacy professionals, we see consumers exercising their rights to withdraw consent to their data being processed via ‘opt out’ or ‘unsubscribe’ buttons, for example. What’s not so evident is whether organisations are keeping their practices fully up to date and in line with the GDPR. For instance: Since adding unsubscribe buttons, those same organisations may have purchased marketing email lists without confirming the lawful basis under which the personal data was collected ..read more
How to identify data breaches when you have a hybrid workforce
Data Protection – IT Governance Blog
by Luke Irwin
2y ago
As we emerge from the pandemic, hybrid working has proven hugely popular for individuals and organisations alike: staff enjoy increased flexibility and reduced commuting, and organisations benefit from lower overheads and greater productivity. Plus, the environmental benefits of homeworking are unmistakable.  However, hybrid working also provides greater opportunities for cyber criminals. It introduces new security vulnerabilities, makes staff more susceptible to phishing attacks, and  ..read more
How can organisations close the cyber security skills gap?
Data Protection – IT Governance Blog
by Luke Irwin
2y ago
A UK government report published last year found that 48% of organisations lacked the expertise to complete routine cyber security practices. This includes an inability to protect against malware, set access controls and apply updates. The report also found that 30% of organisations had skills gaps in more advanced areas, such as penetration testing, forensic analysis and security architecture. Almost as many (27%) have a skills gap when it comes to incident response. At first glance, these figures are hard to believe. The importance of effective cyber security is discussed often, and the intr ..read more
How to become a data protection officer
Data Protection – IT Governance Blog
by Beth Greenall
3y ago
The EU GDPR (General Data Protection Regulation) requires certain organisations to appoint a DPO (data protection officer) to help them comply with the Regulation. However, a shortage of DPOs means many organisations are appointing staff to act as DPOs without the proper level of expertise, experience or qualifications. The GDPR stipulates that DPOs should have appropriate experience and qualifications to fulfil the role. What do data protection officers do? A DPO is an independent data protection expert who is responsible for advising an organisation on how to comply with its regulatory requ ..read more
Your DPO questions answered
Data Protection – IT Governance Blog
by Luke Irwin
3y ago
Organisations have had to get a lot more serious about data processing and information security since the EU GDPR (General Data Protection Regulation) came into effect earlier this year. For many, that has included the mandatory appointment of a DPO (data protection officer) to ensure key requirements of the Regulation are being met. But with so many uncertainties about what effective data protection should look like, many DPOs have been thrust into the role without time to think about how best to approach their tasks. That’s why we sought the advice of information security consultant James Tu ..read more
What is data loss and how does it work?
Data Protection – IT Governance Blog
by Luke Irwin
3y ago
Data loss refers to the destruction of sensitive information. It’s a specific type of data breach, falling into the ‘availability’ category of data security (the other two categories being ‘confidentiality’ and ‘integrity’). Data can be lost in several ways – occurring either accidentally or maliciously – and will cause numerous problems for your organisation. In this blog, we explain what you need to know and provide data loss prevention tips. What causes data loss? There are several types of data loss, which can be separated into four categories. Human error Organisations’ biggest risks ar ..read more
How breach detection tools can help organisations save money and protect their reputation
Data Protection – IT Governance Blog
by Luke Irwin
3y ago
An organisation’s ability to respond promptly to security incidents has a huge impact on the costs it incurs. According to Ponemon Institute’s Cost of a Data Breach Report 2020, organisations that are able to detect and respond to an incident within 200 days save about $1 million (about £770,000) on average. This fact – along with the alarming news that 1.5 million businesses in the UK suffered a data breach in 2019 – means that organisations must prioritise data breach identification. The problem is that, with so much data being shared internally and among third parties, it can be almost impo ..read more
Data controller vs data processor: what’s the difference?
Data Protection – IT Governance Blog
by Luke Irwin
3y ago
The concept of data controllers and data processors has been around for years, but the roles come with clearly defined responsibilities under the GDPR (General Data Protection Regulation). In this blog, we take a close look at what a data controller and processor does and how they fit into your organisation. What is a data controller? A data controller determines the purposes for which an organisation collects and uses personal data. They can be an individual or a group, but as long as they have the authority to decide how and why information should be processed, they are a data controller. Ho ..read more
Does remote working affect the cost of a data breach?
Data Protection – IT Governance Blog
by Luke Irwin
3y ago
Since the start of the COVID-19 pandemic, experts have warned that the switch to remote working would negatively affect organisations’ ability to detect and contain security incidents. Of course, many employers didn’t have a choice. Government guidelines in the UK and many other parts of the world urged people to work from home wherever possible. So what effect has this had on organisations’ cyber security? According to IBM’s Cost of a Data Breach Report 2020, when the majority of employees work from home, the cost of a data breach increased by $137,000 (£104,000). That’s a significant figur ..read more
Reopened pubs and cafes to collect customers’ personal details
Data Protection – IT Governance Blog
by Luke Irwin
3y ago
England’s coronavirus lockdown will all but end on 4 July, with the government allowing pubs, restaurants, cinemas, museums and hotels to reopen. The decision comes after steady progress in mitigating the spread of COVID-19 and the partial reopening of other sectors over the previous six weeks. But it doesn’t exactly signal a return to business as usual, as heavy restrictions will still be in place. This includes plans for organisations to collect customers’ names and contact details upon entry, and to store them for 21 days. This information is intended to help these businesses track coronavi ..read more
