January, 2017

article thumbnail

What (currently ignored) privacy area might result in early enforcement action when the GDPR is in force?

Data Protector

We have 480 days to go before the General Data Protection Regulation is “in force”. And then what? That's the question I’m being increasingly asked these days. Does it really mean that in 481 days, European privacy regulators will be heralding the first megafine for non-compliance with one of the GDPR’s more obscure requirements? I think not. But it will undoubtedly lead to greater unease amongst the audit committees of many firms, particularly those in the (regulated) financial services sector,

GDPR 136
article thumbnail

Debate Over “Content Services vs. ECM” Misses the Point

Weissman's World

“ECM is dead.” “Content Services are the next generation.” “I’ve got a brand-new pair of roller skates.” If you think that last quote is a non sequitur, you’re right! But so, I’d argue, are the other two, because neither speaks directly to what both really are all about: Improving the “care and feeding” of your […]. The post Debate Over “Content Services vs.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

CFI directives in assembly files

Imperial Violet

(This post uses x86-64 for illustration throughout. The fundamentals are similar for other platforms but will need some translation that I don't cover here.). Despite compilers getting better over time, it's still the case that hand-written assembly can be worthwhile for certain hot-spots. Sometimes there are special CPU instructions for the thing that you're trying to do, sometimes you need detailed control of the resulting code and, to some extent, it remains possible for some people to out-op

IT 61
article thumbnail

The startup studio: A new model for driving innovation

CGI

The startup studio: A new model for driving innovation. shobana.lv@cgi.com. Tue, 01/31/2017 - 05:34. What benefits can a large company derive from an innovation strategy? Is it a fad, an opportunity or a necessity? And, what do we really mean by innovation? Digital has changed everything. At the dawn of the third industrial revolution as described by Jeremy Rifkin [1] , we can observe how digitalization is changing everything based on two key trends: Increasing emergence of new digital technolog

article thumbnail

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

article thumbnail

Article 29 Working Party Releases GDPR Action Plan for 2017

Hunton Privacy

On January 16, 2017, the Article 29 Working Party (“Working Party”) published further information about its Action Plan for 2017 , which sets forth the Working Party’s priorities and objectives in the context of implementation of the EU General Data Protection Regulation (“GDPR”) for the year ahead. The Action Plan closely follows earlier GDPR guidance relating to Data Portability, the appointment of Data Protection Officers and the concept of the Lead Supervisory Authority, which were published

GDPR 60

More Trending

article thumbnail

Measuring transformation

MIKE 2.0

We live in times of rapid change when businesses that assume they have a secure market are suddenly having their world turned upside down. With the most substantive impact coming from technology, many have assumed that large investments in IT and digital would act as a protection. In fact, many of the businesses who have made the largest investments, such as some retailers, are actually the ones experiencing the greatest disruption to their operations.

Retail 40
article thumbnail

NCS Blog: DevOps and Separation of Duties

The Falcon's View

From my NCS blog post : Despite the rapid growth of DevOps practices throughout various industries, there still seems to be a fair amount of trepidation, particularly among security practitioners and auditors. One of the first concerns that pops up is a blurted out "You can't do DevOps here! It violates separation of duties!" Interestingly, this assertion is generally incorrect and derives from a general misunderstanding about DevOps, automation, and the continuous integration/deployment (CI/CD)

article thumbnail

Seven Risks in the Beneficent Cloud

Positively RIM

Today’s Blog is sponsored by MER 2017, Cohasset Associates’ 25 th annual educational conference on electronic records management, in Chicago, May 8-10. U ser beware: amid the security and budgetary advantages of the Cloud, risks lurk, ready to sabotage the unprepared or unsuspecting. Make sure you are not caught unaware. Records Management in the Cloud cries for Information Governance (IG).

Cloud 40
article thumbnail

Using a hybrid IT model to enable modernization

CGI

Using a hybrid IT model to enable modernization. shobana.lv@cgi.com. Mon, 01/30/2017 - 07:00. Modernized information technology is a fundamental prerequisite to taking advantage of new and emerging capabilities to improve mission delivery in the digital age. Yet, legacy systems continue to create challenges and roadblocks for commercial and government organizations, including our U.S. federal agency clients.

IT 53
article thumbnail

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

article thumbnail

NIST Releases Proposed Updates to Cybersecurity Framework

Hunton Privacy

On January 10, 2017, the National Institute of Standards and Technology (“NIST”) released proposed updates to the Framework for Improving Critical Infrastructure Cybersecurity (the “Cybersecurity Framework”). The proposed updates, which are found in Version 1.1 of the Cybersecurity Framework, are derived from feedback received by NIST regarding the first version, including from responses to a December 2015 request for information and discussions at a workshop held in April 2016.

article thumbnail

Speaking Opportunity?

JKevinParker

Do you need a speaker for your Information Management or Technology event? Contact me with your opportunity.

40
article thumbnail

When does the General Data Protection Regulation not require firms to appoint a Data Protection Officer?

Data Protector

I’m increasingly asked whether particular firms actually need to appoint a Data Protection Officer in order to comply with the requirements of the GDPR. Given that the potential fine for non-compliance (with Article 37) is €10 million Euros or up to 2% of the total worldwide annual turnover, companies quite understandably don't want to get such a basic issue wrong.

B2B 136
article thumbnail

NCS Blog: "Minimum Viable" MUST Include Security

The Falcon's View

"If you're a startup trying to get a product off the ground, you've probably been told to build an "MVP" - a minimum viable product - as promoted by the Lean Startup methodology. This translates into products being rapidly developed with the least number of features necessary to make an initial sale or two. Oftentimes, security is not one of the features that makes it into the product, and then it gets quickly forgotten about down the road.".

article thumbnail

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

article thumbnail

Preparing for GDPR – Let’s Get Started

Managing Your Information

I couldn’t help but smile over the Christmas break when the other half was playing with their latest gadget, a well-known Voice Service speaker. Having started to become familiar with how it operated, the requests were getting shorter and shorter. It would appear that manners are included for free – when the commands were eventually reduced to a single word, the speaker responded with “that wasn’t a very nice way to ask” and the request had to be rephrased before being actioned!

GDPR 28
article thumbnail

Sanctions compliance: Addressing modern compliance challenges (Part 1)

CGI

Sanctions compliance: Addressing modern compliance challenges (Part 1). shobana.lv@cgi.com. Fri, 01/27/2017 - 01:13. As the legal requirements for combatting money laundering and terrorist financing continue to increase, financial institutions are facing mounting compliance challenges. The number of global watch lists and sanctioned activities is on the rise, and watch list data can change daily.

article thumbnail

Swiss-U.S. Privacy Shield Announced

Hunton Privacy

On January 11, 2017, the Swiss Federal Data Protection and Information Commissioner announced that it has reached an agreement with the U.S. Department of Commerce on a new Swiss-U.S. Privacy Shield framework (the “Swiss Privacy Shield”), which will allow companies to legally transfer Swiss personal data to the U.S. The Swiss Privacy Shield will replace the U.S.

Privacy 53
article thumbnail

Configuring GMail to check ISP Mail

Roger's Information Security

My primary email address assigned by my ISP can’t be changed. It gets a lot of spam In the past that wasn’t really a problem because I rarely used it for anything, but a few years ago I foolishly began using it on resumes. Its format is first initial + lastname @ ISP so its relatively professional. Unfortunately there are other people in the world who think that is their email address.

article thumbnail

Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

article thumbnail

Are You Using System Profile Monitoring to Manage Your DB2 for z/OS DDF Workload? Perhaps You Should

Robert's Db2

Here's a scenario that might sound familiar to you: you have a particular transaction, which I'll call TRNX, that is the source of quite a lot of deadlock activity in a DB2 for z/OS system. It seems that whenever more than one instance of TRNX is executing at the same time, a deadlock situation is highly likely. You went with row-level locking for the table spaces accessed by TRNX, but the trouble persisted.

IT 48
article thumbnail

Predictions 2017: A Chain Reaction

John Battelle's Searchblog

The post Predictions 2017: A Chain Reaction appeared first on John Battelle's Search Blog. This is my 14th annual predictions post. And as I look back on the previous 13 and consider what to write, I’m flooded with uncertainty. That’s not like me. Writing these predictions is something I’ve always looked forward to – I don’t prepare in any demonstrable way, but I do gather crumbs over time, filing them away for the day when I sit down and free associate for how

article thumbnail

OMB Publishes Memorandum on Responding to Data Breaches

Hunton Privacy

On January 3, 2017, the Office of Management and Budget (“OMB”) issued a memorandum (the “Breach Memorandum”) advising federal agencies on how to prepare for and respond to a breach of personally identifiable information (“PII”). The Breach Memorandum, which is intended for each agency’s Senior Agency Official for Privacy (“SAOP”), updates OMB’s breach notification policies and guidelines in accordance with the Federal Information Security Modernization Act of 2014 (“FISMA”).

article thumbnail

UK Prime Minister Seeking to Trigger Brexit Process Sooner than Expected?

Hunton Privacy

On January 31, 2017, the Times of London reported that UK Prime Minister Theresa May plans to invoke Article 50 of the Treaty on European Union on March 9, 2017, meaning that formal Brexit negotiations with the EU could begin thereafter. This coincides with a two-day European Council summit in Malta which the leaders of all 28 EU Member States will be attending.

GDPR 49
article thumbnail

Strategic CX: A Deep Dive into Voice of the Customer Insights for Clarity

Speaker: Nicholas Zeisler, CX Strategist & Fractional CXO

The first step in a successful Customer Experience endeavor (or for that matter, any business proposition) is to find out what’s wrong. If you can’t identify it, you can’t fix it! 💡 That’s where the Voice of the Customer (VoC) comes in. Today, far too many brands do VoC simply because that’s what they think they’re supposed to do; that’s what all their competitors do.

article thumbnail

CIPL Submits Comments to Article 29 Working Party’s Proposed DPO Guidelines

Hunton Privacy

On January 25, 2017, the Centre for Information Policy Leadership (“CIPL”) at Hunton & Williams LLP submitted formal comments to the Article 29 Working Party’s (“Working Party’s”) Guidelines on Data Protection Officers (DPOs) (“DPO Guidelines”) that were adopted on December 13, 2016. CIPL’s comments follow its November 2016 white paper on Ensuring the Effectiveness and Strategic Role of the Data Protection Officer under the General Data Protection Regulation , which CIPL submitted as formal

GDPR 49
article thumbnail

FTC Issues Report on Cross-Device Tracking

Hunton Privacy

On January 23, 2017, the FTC released a Staff Report (the “Report”) on cross-device tracking technology that can link multiple Internet-connected devices to the same person and track that person’s activity across those devices. The Report follows a November 2015 workshop on the same subject and is based on information and comments gathered during that workshop.

Privacy 49
article thumbnail

DHS Issues Updated National Cyber Incident Response Plan

Hunton Privacy

On January 18, 2017, the Department of Homeland Security (“DHS”) issued an updated National Cyber Incident Response Plan (the “Plan”) as directed by Obama’s Presidential Policy Directive 41 , issued this past summer, and the National Cybersecurity Protection Act of 2014. The Plan applies to cyber incidents, and particularly focuses on significant cyber incidents that are likely to result in demonstrable harm to the United States’ national security interests, foreign relations or economy, or to t

article thumbnail

Email Privacy Act Reintroduced in Congress

Hunton Privacy

On January 9, 2017, Representatives Kevin Yoder (R-KS) and Jared Polis (D-CO) reintroduced the Email Privacy Act, which would amend the Electronic Communications Privacy Act (“ECPA”) of 1986. In particular, the legislation would require government entities to obtain a warrant, based on probable cause, before accessing the content of any emails or electronic communications stored with third-party service providers, regardless of how long the communications have been held in electronic storage by

Privacy 49
article thumbnail

The Big Payoff of Application Analytics

Outdated or absent analytics won’t cut it in today’s data-driven applications – not for your end users, your development team, or your business. That’s what drove the five companies in this e-book to change their approach to analytics. Download this e-book to learn about the unique problems each company faced and how they achieved huge returns beyond expectation by embedding analytics into applications.

article thumbnail

NIST Releases Privacy Engineering and Risk Management Guidance for Federal Agencies

Hunton Privacy

On January 4, 2017, the National Institute of Standards and Technology (“NIST”) announced the final release of NISTIR 8062, An Introduction to Privacy Engineering and Risk Management in Federal Systems. NISTIR 8062 describes the concept of applying systems engineering practices to privacy and sets forth a model for conducting privacy risk assessments on federal systems.

Risk 49
article thumbnail

FINRA Issues $14.4 Million in Fines for Inadequate Record Storage Practices

Hunton Privacy

On December 21, 2016, the Financial Industry Regulatory Authority (“FINRA”) announced that it had fined 12 financial institutions a total of $14.4 million for improper storage of electronic broker-dealer and customer records. Federal securities law and FINRA rules require that business-related electronic records be kept in “write once, read many” (“WORM”) format, which prevents alteration or destruction.

article thumbnail

South Korea Seeks to Join APEC Cross-Border Privacy Rules

Hunton Privacy

On January 17, 2017, the International Trade Administration (“ITA”) announced that South Korea formally submitted its intent to join the APEC Cross-Border Privacy Rules (“CBPR”) system. South Korea would be the fifth APEC economy to join the system, joining the United States, Mexico, Canada and Japan. The APEC CBPR system is a regional, multilateral, cross-border data transfer mechanism and enforceable privacy code of conduct developed for businesses by the 21 APEC member economies.

Privacy 45