2023, Data, GDPR and Security - Information Management Today

Navigating the EU-US Data Protection Framework

Thales Cloud Protection & Licensing

JANUARY 10, 2024

Navigating the EU-US Data Protection Framework sparsh Thu, 01/11/2024 - 05:26 On 10 July 2023, the European Commission adopted a new adequacy decision regarding the Data Privacy Framework (“DPF”). However, European organizations need to dive with eyes wide open when transferring personal data to the US under the DPF.

Data Privacy

Data Privacy Personal data Privacy Cloud

India: New Digital Personal Data Protection Act, Start Planning Now.

DLA Piper Privacy Matters

SEPTEMBER 6, 2023

Authors: Carolyn Bigg, Gwyneth To and Rachel De Souza Start preparing now to comply with India’s new data protection law. The DPDP Act is India’s first comprehensive law on the protection of personal data and comes six years after the Supreme Court of India first declared a fundamental right to privacy in the Puttaswarmy case in 2017.

Personal data

Personal data GDPR Data breaches Compliance

Top 7 Cloud Storage Security Issues & Risks (+ Mitigations)

eSecurity Planet

JANUARY 30, 2024

Cloud storage security issues refer to the operational and functional challenges that organizations and consumers encounter when storing data in the cloud. Cloud storage risks involve potential external threats and vulnerabilities that jeopardize the security of stored data.

Cloud

Cloud Risk Security Encryption

The Week in Cyber Security and Data Privacy: 15 – 21 January 2024

IT Governance

JANUARY 23, 2024

At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. The data set is a collection of 1 billion credentials sourced from stealer logs and hosted on the illicit.services website. Data breached: 70,840,771 email addresses.

Data Privacy

Data Privacy Privacy Manufacturing Retail

Free Expert Insights

IT Governance

MARCH 29, 2024

Here are all our Q&As to date, grouped by broad topic: AI Cyber attacks and data breaches Cyber Essentials Cyber resilience Cyber security Data privacy DORA Incident response ISO 27001 PCI DSS PECR Security testing Training Miscellaneous To get new expert insights straight to your inbox, sign up to our weekly newsletter, the Security Spotlight.

Data Privacy

Data Privacy Compliance GDPR Privacy

The Week in Cyber Security and Data Privacy: 22 – 28 January 2024

IT Governance

JANUARY 30, 2024

At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. The data is more than mere credentials, too – according to Cybernews, most of the exposed data is sensitive. In total, 3,876 domain names were included in the exposed data set.

Data Privacy

Data Privacy Retail Privacy Manufacturing

IT Governance Podcast 08.09.23: Electoral Commission (again), Meta, Pôle emploi

IT Governance

SEPTEMBER 7, 2023

This week, we discuss security issues at the Electoral Commission, Meta’s appeal against daily GDPR fines, and a breach affecting 10 million users of the French unemployment agency Pôle emploi. Transcript: Hello and welcome to the IT Governance podcast for Friday, 8 September 2023. The fines are due to continue until 3 November.

Government

Government IT Personal data GDPR

Belgian DPA Approves IAB Europe’s Action Plan For Consent Framework

Hunton Privacy

JANUARY 11, 2023

On January 11, 2023, the Belgian Data Protection Authority (“Belgian DPA”) announced that it has approved the Interactive Advertising Bureau Europe’s (“IAB Europe”) action plan with respect to its Transparency and Consent Framework (“TCF”). Background.

GDPR

GDPR Personal data Marketing IT

Monsido Meets Digital Sovereignty Requirements with Cloud Key Management

Thales Cloud Protection & Licensing

NOVEMBER 6, 2023

Monsido Meets Digital Sovereignty Requirements with Cloud Key Management madhav Tue, 11/07/2023 - 05:34 The World Economic Forum estimates that over 92% of all data in the western world is stored on servers owned by very few US-based companies, which raises concerns about data ownership and control.

Cloud

Cloud Encryption Compliance GDPR

Analysing Data Breaches Caused by Human Error

IT Governance

DECEMBER 21, 2023

To find out, we looked at the ICO’s (Information Commissioner’s Office) public data set , specifically looking into four data breach types caused by human error: Data emailed to incorrect recipient. Data posted or faxed to incorrect recipient. At the time of writing, the data set starts in Q2 2019 and goes up to Q2 2023.

Data breaches

Data breaches Personal data Government GDPR

FIDO, Biometry and Contactless: Enhancing End User Adoption of Phishing-Resistant MFA

Thales Cloud Protection & Licensing

NOVEMBER 29, 2023

FIDO, Biometry and Contactless: Enhancing End User Adoption of Phishing-Resistant MFA madhav Thu, 11/30/2023 - 04:52 The surge in social engineering and phishing attacks seeking to bypass established multi-factor authentication (MFA) methods indicates that organizations must move to phishing-resistant MFA.

Phishing

Phishing Authentication Data Privacy Passwords

Self-Sovereign Identities, The Next Step in Privacy-First User Experience

Thales Cloud Protection & Licensing

MARCH 20, 2023

Self-Sovereign Identities, The Next Step in Privacy-First User Experience divya Tue, 03/21/2023 - 06:10 There is a growing momentum around Self-Sovereign Identities (SSI) with real value to be captured by individuals, countries, and businesses. When privacy is at stake, SSI puts individuals back in control of their personal data.

Privacy

Privacy Blockchain Customer Experience Access

A Guide to Key Management as a Service

Thales Cloud Protection & Licensing

JUNE 15, 2023

A Guide to Key Management as a Service madhav Thu, 06/15/2023 - 11:29 As companies adopt a cloud-first strategy and high-profile breaches hit the headlines, securing sensitive data has become a paramount business concern. The most effective way to ensure data security is through encryption and proper key management.

Encryption

Encryption Compliance Cloud Authentication

Digital Health in the UK: MHRA Bold New (Regulatory) World?

Data Matters

SEPTEMBER 22, 2021

To clarify the future policy position on software as a medical device (“SaMD”) and AI in the UK, the MHRA has published a new set of “work packages,” the key elements of which are to be delivered from autumn 2021 until summer 2023, with the aim of the UK becoming the “home of responsible innovation for medical device software.”.

Marketing

Marketing Artificial Intelligence Risk Access

Information Management Today

Navigating the EU-US Data Protection Framework

India: New Digital Personal Data Protection Act, Start Planning Now.

Trending Sources

Top 7 Cloud Storage Security Issues & Risks (+ Mitigations)

The Week in Cyber Security and Data Privacy: 15 – 21 January 2024

Free Expert Insights

The Week in Cyber Security and Data Privacy: 22 – 28 January 2024

IT Governance Podcast 08.09.23: Electoral Commission (again), Meta, Pôle emploi

Belgian DPA Approves IAB Europe’s Action Plan For Consent Framework

Monsido Meets Digital Sovereignty Requirements with Cloud Key Management

Analysing Data Breaches Caused by Human Error

FIDO, Biometry and Contactless: Enhancing End User Adoption of Phishing-Resistant MFA

Self-Sovereign Identities, The Next Step in Privacy-First User Experience

A Guide to Key Management as a Service

Digital Health in the UK: MHRA Bold New (Regulatory) World?

Stay Connected