Compliance, Government, Personal data and Retail

Are Retailers Shopping for a Cybersecurity Breach?

Thales Cloud Protection & Licensing

NOVEMBER 22, 2022

Are Retailers Shopping for a Cybersecurity Breach? Retailers started the century as the prime targets for cyber attackers looking for credit card data. Today, unfortunately, retailers are again coming back to the spotlight. Similar to many organizations, 36% of retail respondents cited human error as the leading threat.

Retail

Retail Cybersecurity Ransomware Authentication

How FIDO 2 authentication can help achieve regulatory compliance

Thales Cloud Protection & Licensing

JUNE 24, 2021

How FIDO 2 authentication can help achieve regulatory compliance. Businesses are governed by an increasingly complex network of regulations, jurisdictions, and standards which dictate security and privacy requirements. As such, FIDO2 can become an enabler for regulatory compliance. Compliance with GDPR and CCPA.

Authentication

Authentication Compliance GDPR Personal data

DPIAs for retail and hospitality

IT Governance

MARCH 26, 2019

It’s relevant for everyone, including retail and hospitality. Retail and hospitality organisations will likely need to conduct several to cover all their processes, both new and existing. Common activities for retail and hospitality requiring DPIAs. Speed up and simplify the DPIA process to ensure compliance with the GDPR.

Retail

Retail Risk GDPR Government

Data privacy examples

IBM Big Data Hub

APRIL 24, 2024

An online retailer always gets users’ explicit consent before sharing customer data with its partners. A navigation app anonymizes activity data before analyzing it for travel trends. One cannot overstate the importance of data privacy for businesses today.

Data Privacy

Data Privacy Privacy GDPR Personal data

How to implement the General Data Protection Regulation (GDPR)

IBM Big Data Hub

FEBRUARY 23, 2024

The General Data Protection Regulation (GDPR), the European Union’s landmark data privacy law, took effect in 2018. Yet many organizations still struggle to meet compliance requirements, and EU data protection authorities do not hesitate to hand out penalties. Irish regulators hit Meta with a EUR 1.2

GDPR

GDPR Compliance Personal data Privacy

Don’t let bad data drag you down: A retailer’s guide

Collibra

APRIL 11, 2023

Retail is a dynamic and competitive market. In addition to the traditional brick-and mortar-stores, the retail business today includes online and mobile stores. Every process at every stage of these stores relies on data. The right kind of data can drive great innovations in retail. What if they do not match?

Retail

Retail Sales Compliance Marketing

Data controller vs data processor: what’s the difference?

IT Governance

AUGUST 19, 2020

In this blog, we take a close look at what a data controller and processor does and how they fit into your organisation. What is a data controller? A data controller determines the purposes for which an organisation collects and uses personal data. Are you a data controller or a data processor?

GDPR

GDPR Personal data Compliance Privacy

Ready for Take-off: Rising Above Airport Cybersecurity Challenges

Thales Cloud Protection & Licensing

NOVEMBER 15, 2023

The entire passenger process, from check-in to boarding, involves multiple stakeholders, including government regulators, airport management, airline personnel, and on-premise security teams, working together to maintain a robust and secure environment. Support effective, without security and operational risks, airport scaling.

Cybersecurity

Cybersecurity Authentication Access Compliance

Subject Access Requests in Scotland: Do you know what data is held about you?

IT Governance

NOVEMBER 12, 2018

Not only does it affect the way organisations process personal data, but also extends data subjects rights in terms of how their data is processed. What is a data subject access request (DSAR)? Speak to an expert >> The post Subject Access Requests in Scotland: Do you know what data is held about you?

Access

Access GDPR Personal data Retail

70,000 affected in B&Q data breach

IT Governance

JANUARY 25, 2019

Home improvement retailer B&Q has suffered a data breach affecting 70,000 of its… well, not customers, exactly. What was the lawful basis on which it was processing the data in the first place? How does it demonstrate compliance with the six data processing principles?

Data breaches

Data breaches GDPR Passwords Retail

The GDPR: Everything you need to know about data controllers and data processors

IT Governance

NOVEMBER 14, 2018

The terms ‘data controller’ and ‘data processor’ have been around for years, but it’s only since the EU GDPR (General Data Protection Regulation) took effect that they’ve been scrutinised. The roles are closely related, both are integral to the GDPR, and a misunderstanding can lead to non-compliance and severe punishment.

GDPR

GDPR Retail Data collection Personal data

Does your use of CCTV comply with the GDPR?

IT Governance

OCTOBER 3, 2019

You must tell people when you’re collecting their personal information to give them the opportunity to exercise their data subject rights. These rights enable individuals to access the personal data organisations store on them and to challenge the way their information is used. The penalties for non-compliance.

GDPR

GDPR Privacy Retail Personal data

CNIL Fines Two Companies of the Carrefour Group €3.05 Million for GDPR and Cookie Violations

Hunton Privacy

DECEMBER 1, 2020

On November 26, 2020, the French Data Protection Authority (the “CNIL”) announced that it imposed a fine of €2.25 million on Carrefour France and a fine of €800,000 on Carrefour Banque for various violations of the EU General Data Protection Regulation (“GDPR”) and Article 82 of the French Data Protection Act governing the use of cookies.

GDPR

GDPR Personal data Data collection Marketing

Avoiding, Managing And Responding To Cyber Incidents

Data Protection Report

NOVEMBER 2, 2023

In 2017, Equifax Inc, suffered a cybersecurity breach, with hackers able to access the personal data of around 13.8 The breach included data held by Equifax Inc in connection with two of Equifax’s products.

GDPR

GDPR Risk Cybersecurity Compliance

62% of organisations unaware of the GDPR

IT Governance

FEBRUARY 23, 2018

There is an alarming lack of awareness across all industries about the EU General Data Protection Regulation (GDPR) , according to a government survey. Almost two thirds (62%) of respondents hadn’t heard of the Regulation, and only about 10% had taken steps to meet its compliance requirements. Preparing for the GDPR.

GDPR

GDPR Compliance Insurance Personal data

The GDPR: A year in review

IT Governance

MAY 23, 2019

To mark the anniversary, we gathered a panel of data protection experts to discuss the effect of the Regulation and the future of data protection. Compliance fatigue’. Compliance is a continuous requirement and although most organisations have made a good start, there is always more to do.”.

GDPR

GDPR Data breaches Compliance Retail

Weekly podcast: Amazon, TalkTalk and City of York

IT Governance

NOVEMBER 22, 2018

Hello and welcome to the IT Governance podcast for Friday, 23 November. Just days before Black Friday, Amazon suffered a data breach in which an undisclosed number of customers’ names and email addresses were accidentally exposed on its website. Here are this week’s stories. Allsopp was a willing participant in the crime.

Data breaches

Data breaches Personal data Passwords Encryption

Identity Proofing: The New Foundation for Every Digital Identity

Thales Cloud Protection & Licensing

NOVEMBER 30, 2021

Data aggregation verification is gaining traction, while biometrics are intuitively replacing passwords. Registration and medical data access in healthcare. Enrolment and remote access to government services such as social security, tax, etc. Secure online services for retailers. Premium automotive apps.

Authentication

Authentication Privacy Compliance Retail

International Data Protection Day 2022

DLA Piper Privacy Matters

JANUARY 28, 2022

Looking back on 2021, the privacy and data protection landscape continues to evolve at pace. In Europe we saw the UK finally conclude Brexit and establishment of a separate data protection regime in the UK which will be governed by the UK GDPR. Data transfers to other countries remain a challenge.

GDPR

GDPR Privacy Data breaches Personal data

The Week in Cyber Security and Data Privacy: 1 – 7 January 2024

IT Governance

JANUARY 9, 2024

Source (New) Software Luxembourg Yes 3,600,000 National Automobile Dealers Association Source (New) Retail USA Yes 1,065,000 Consórcio Canopus Source (New) Professional services Brazil Yes 1,400,000 The Teaching Company (Wondrium by The Great Courses) Source (New) Education USA Yes 1.3 TB Gräbener Maschinentechnik GmbH & Co.

Data Privacy

Data Privacy Privacy Manufacturing Data breaches

Leicester City FC fans’ financial details stolen in cyber attack

IT Governance

JUNE 11, 2019

Upon discovery of the breach, the security of our retail platform was immediately restored and appropriate measures were taken to ensure the security of all other online assets,” the statement read. The GDPR states that organisations must take “appropriate technical and organisational measures” to secure EU residents’ personal data.

GDPR

GDPR Personal data Data breaches Retail

GDPR fines are coming and here’s why

IT Governance

APRIL 23, 2019

Likewise, the data protection watchdog began communications with the London Borough of Newham in April 2018 after complaints that it had breached the personal data of more than 200 people. The retailer was hit by a cyber attack in July 2017 but the damage wasn’t discovered for almost a year.

GDPR

GDPR Personal data Compliance Retail

Security Outlook 2023: Cyber Warfare Expands Threats

eSecurity Planet

JANUARY 5, 2023

“In 2022, governments fought wars online, businesses were affected by multiple ransomware gangs, and regular users’ data was constantly on hackers’ radars,” said NordVPN CTO Marijus Briedis. 2023, he predicted, “will not be any easier when it comes to keeping users’ data safe and private.”

Security

Security Ransomware Cybersecurity Privacy

Weekly Podcast: Superdrug, Facebook and Twitter, and the ICO

IT Governance

AUGUST 23, 2018

In this week’s podcast, we discuss the data incident at Superdrug, Facebook and Twitter removing accounts, and the ICO website being down. Hello and welcome to the IT governance podcast for the 24 th of August. Here are this week’s stories: High-street retailer, Superdrug, suffered a data breach earlier this week.

Passwords

Passwords Retail Information Security Data breaches

The Week in Cyber Security and Data Privacy: 12 – 18 February 2024

IT Governance

FEBRUARY 21, 2024

In January 2024, it identified more potential victims, and has now written to inform them that their personal data may have been compromised in the incident. Data breached: 2,632,275 people’s data. 204 of them are known to have had data exfiltrated, exposed or otherwise breached.

Data Privacy

Data Privacy Manufacturing Privacy Energy and Utilities

Safely adopting technology in the hospitality industry

IT Governance

DECEMBER 20, 2018

These ensure that data can flow easily between systems while also offering a more flexible approach to forward planning that can be adapted to suit evolving requirements. They also offer other compelling benefits, such as unlimited data storage, encryption, technical support and reduced demand for internal hardware. .

Customer Experience

Customer Experience IoT Information Security Data collection

The Economy of Things: the next value lever for telcos

IBM Big Data Hub

JULY 11, 2023

Consumer ownership and control over identity and personal data is a key amplifier and enabler of EoT ecosystem value and the unlocking of B2B2C and B2C2B business models and innovation. It may also decide to publish data services in the form of APIs to facilitate third party developer solutions leveraging the EoT data.

IoT

IoT Artificial Intelligence Agriculture Blockchain

How data breaches are affecting the retail industry

IT Governance

AUGUST 21, 2018

Only time will tell – and we may not have to wait long – but in the meantime, what is the impact of data breaches in the retail industry, and what needs to be done to mitigate them? The data included contact information, usernames and encrypted passwords. What is the cost of a data breach? million users was compromised.

Retail

Retail Data breaches GDPR Compliance

40% of organisations respond to bogus DSARs

IT Governance

AUGUST 14, 2019

Pavur refused to name the organisations that mishandled the requests, which is wise, because it would encourage miscreants to submit their own fake DSARs and gain access to other people’s personal data. Find out more >> The post 40% of organisations respond to bogus DSARs appeared first on IT Governance Blog.

GDPR

GDPR Retail Access Personal data

2022 Cyber Security Review of the Year

IT Governance

DECEMBER 20, 2022

Articles 5(1) and 5(2) state that personal data must be processed lawfully, fairly and in a transparent manner, and that the data controller must be able to demonstrate that it is doing so. Articles 24(1) and 32(1) state that organisations must implement appropriate technical and organisational measures to protect personal data.

Security

Security Data breaches Ransomware Military

The first anniversary of the GDPR: How a risk-based approach can help you achieve GDPR compliance

Thales Cloud Protection & Licensing

JULY 11, 2019

On May 22, 2019, the European Commission published an infographic on compliance with and enforcement of the GDPR from May 2018 to May 2019 and it is clear that a lot of work still needs to be done. What is the General Data Protection Regulation? What is the General Data Protection Regulation? What does the GDPR require?

GDPR

GDPR Compliance Risk Personal data

California passes major legislation, expanding consumer privacy rights and legal exposure for US and global companies

Data Protection Report

JUNE 29, 2018

For companies that have implemented a compliance plan for European Union data subjects under the EU General Data Protection Regulation (“GDPR”), this law means many of the similar protections will now need to be extended to California residents.

Privacy

Privacy GDPR Personal data Risk

California Passes Major Legislation, Expanding Consumer Privacy Rights and Legal Exposure for US and Global Companies

Data Protection Report

JUNE 29, 2018

For companies that have implemented a compliance plan for European Union data subjects under the EU General Data Protection Regulation (“GDPR”), this law means many of the similar protections will now need to be extended to California residents.

Privacy

Privacy GDPR Personal data Risk

The Week in Cyber Security and Data Privacy: 22 – 28 January 2024

IT Governance

JANUARY 30, 2024

Mobile network database breach exposes 750 million Indians’ personal data The Indian security company CloudSEK claims to have found the personal data of 750 million Indians for sale on an “underground forum”. Data breached: 750 million victims’ personal data.

Data Privacy

Data Privacy Retail Privacy Manufacturing

The Good, Bad, And The Ugly: Key Takeaways From California’s New Privacy Law

Privacy and Cybersecurity Law

NOVEMBER 8, 2018

The CCPA governs how businesses treat “consumer” “personal information.” The CCPA defines “personal information” broadly to include information that “identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household.”

Privacy

Privacy Sales Compliance Cybersecurity

The Week in Cyber Security and Data Privacy: 4 – 10 March 2024

IT Governance

MARCH 11, 2024

Glosbe dictionary exposes almost 7 million records The multilingual online dictionary Glosbe left a MongoDB instance unsecured last year, exposing nearly 7 million users’ information, including personal data, encrypted passwords and social media identifiers. Source (New) Retail Italy Yes 436,932 Toner-dumping.de TB Paysign, Inc.

Data Privacy

Data Privacy Privacy Security Data breaches

The Good, Bad, And The Ugly: Key Takeaways From California’s New Privacy Law

Privacy and Cybersecurity Law

NOVEMBER 9, 2018

The CCPA governs how businesses treat “consumer” “personal information.” The CCPA defines “personal information” broadly to include information that “identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household.”

Privacy

Privacy Sales Education Compliance

Why Sucessful Central Bank Digital Currencies require Partnership enagement

Thales Cloud Protection & Licensing

JUNE 21, 2023

Data privacy; e-wallets, devices and transaction systems should not have direct access to sensitive personal data. However, in some circumstances, the institutions handling money as part of a retail transaction should have the ability to perform KYC (Know Your Customer) checks, as mandated under their industry compliance regime.

Retail

Retail Encryption e-Discovery Data Privacy

Security Affairs newsletter Round 461 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

MARCH 3, 2024

Private Plane Owners’ Data Linked to LA Intl. Private Plane Owners’ Data Linked to LA Intl.

Security

Security Ransomware Retail Artificial Intelligence

Public cloud vs. private cloud vs. hybrid cloud: What’s the difference?

IBM Big Data Hub

FEBRUARY 6, 2024

Many organizations opt for a private cloud setting to protect sensitive data—a business need that is becoming increasingly important. For example, government agencies frequently choose private cloud settings for workloads that deal with confidential documents, personally identifiable information (PII) or other sensitive data.

Cloud

Cloud Digital transformation e-Delivery Compliance

Mic Drop: California AG releases long-awaited CCPA Rulemaking

Data Protection Report

OCTOBER 11, 2019

Some of these rules are quite prescriptive and may not match with what businesses have planned to do as part of their current CCPA compliance program. For example:ser. Business must provide two or more methods for receiving requests including a toll free number at a minimum and an interactive web form if the business operates a website.

Sales

Sales Retail Privacy Access

How to build a successful hybrid cloud strategy

IBM Big Data Hub

DECEMBER 20, 2023

In response to rapid data growth, healthcare entities have turned to hybrid cloud as an effective way to better help store and secure data in a private cloud. Additionally, healthcare and medical providers now governed by HIPAA (link resides outside ibm.com) regulations must retain redundant business and medical records.

Cloud

Cloud Digital transformation Customer Experience Compliance

Is Your Customer Experience Future-Ready?

Reltio

APRIL 25, 2019

If the digital transformation doesn’t have an end date, then is your data platform able to scale infinitely to support your long-term, evolving customer experience? Can it continuously collect and correlate all customer data from internal as well as external, public, and social media? For Future.

Customer Experience

Customer Experience Digital transformation B2B B2C

A Practical Guide to Cyber Incident Response

IT Governance

MAY 24, 2024

Those people will be affected if anything goes wrong due to mismanagement of their data. Those people will be affected if anything goes wrong due to mismanagement of their data. If you’re a retailer, you’re going to see way more web traffic than usual. To what extent does seasonality play a role in security monitoring?

Risk

Risk Security Ransomware Phishing

Are Retailers Shopping for a Cybersecurity Breach?

How FIDO 2 authentication can help achieve regulatory compliance

Trending Sources

DPIAs for retail and hospitality

Data privacy examples

How to implement the General Data Protection Regulation (GDPR)

Don’t let bad data drag you down: A retailer’s guide

Data controller vs data processor: what’s the difference?

Ready for Take-off: Rising Above Airport Cybersecurity Challenges

Subject Access Requests in Scotland: Do you know what data is held about you?

70,000 affected in B&Q data breach

The GDPR: Everything you need to know about data controllers and data processors

Does your use of CCTV comply with the GDPR?

CNIL Fines Two Companies of the Carrefour Group €3.05 Million for GDPR and Cookie Violations

Avoiding, Managing And Responding To Cyber Incidents

62% of organisations unaware of the GDPR

The GDPR: A year in review

Weekly podcast: Amazon, TalkTalk and City of York

Identity Proofing: The New Foundation for Every Digital Identity

International Data Protection Day 2022

The Week in Cyber Security and Data Privacy: 1 – 7 January 2024

Leicester City FC fans’ financial details stolen in cyber attack

GDPR fines are coming and here’s why

Security Outlook 2023: Cyber Warfare Expands Threats

Weekly Podcast: Superdrug, Facebook and Twitter, and the ICO

The Week in Cyber Security and Data Privacy: 12 – 18 February 2024

Safely adopting technology in the hospitality industry

The Economy of Things: the next value lever for telcos

How data breaches are affecting the retail industry

40% of organisations respond to bogus DSARs

2022 Cyber Security Review of the Year

The first anniversary of the GDPR: How a risk-based approach can help you achieve GDPR compliance

California passes major legislation, expanding consumer privacy rights and legal exposure for US and global companies

California Passes Major Legislation, Expanding Consumer Privacy Rights and Legal Exposure for US and Global Companies

The Week in Cyber Security and Data Privacy: 22 – 28 January 2024

The Good, Bad, And The Ugly: Key Takeaways From California’s New Privacy Law

The Week in Cyber Security and Data Privacy: 4 – 10 March 2024

The Good, Bad, And The Ugly: Key Takeaways From California’s New Privacy Law

Why Sucessful Central Bank Digital Currencies require Partnership enagement

Security Affairs newsletter Round 461 by Pierluigi Paganini – INTERNATIONAL EDITION

Public cloud vs. private cloud vs. hybrid cloud: What’s the difference?

Mic Drop: California AG releases long-awaited CCPA Rulemaking

How to build a successful hybrid cloud strategy

Is Your Customer Experience Future-Ready?

A Practical Guide to Cyber Incident Response

Stay Connected