Post Brexit, what options are available for a GDPR-light Data Protection Act?

Data Protector

Let’s think the unthinkable. Lets assume that, post Brexit, the British Government has an opportunity to decide how its data protection legislation should reflect the requirements of an aspiring British economy.

GDPR 170

My Latest Article Published at Today’s General Counsel

Getting Information Done

General Counsel Can Spur Legal Hold Success Check out my latest article which was published in the December/January 2017 digital edition of Today’s General Counsel titled: “General Counsel Can Spur Legal Hold Success” .

How to Work Beyond the Corporate Firewall Safely


Today's workforce is increasingly distributed, increasingly mobile, and increasingly expecting telework options. This equates to more people working beyond the corporate walls and beyond the corporate IT firewall.

Google Capitulates to Facebook’s Identity Machine: Is This Good News For The Open Web?

John Battelle's Searchblog

The post Google Capitulates to Facebook’s Identity Machine: Is This Good News For The Open Web? appeared first on John Battelle's Search Blog. Long time readers of this site know that once a year I make predictions, and revisit those I made the year before. But it’s not often I look back farther than one year to see if perhaps I was just a tad too early. It appears in the case of Google and personal data, I was.


Imperial Violet

Security protocols often assume an accurate, local clock (e.g. TLS, Kerberos, DNSSEC and more). It's a widely accepted assumption when designing protocols but, for a lot of people, it just isn't true. We find good evidence that at least 25% of all certificate errors in Chrome are due to a bad local clock. Even when the local clock is being synchronised, it's very likely to be using unauthenticated NTP.

Why can’t we be briefed like the President?


It started with a simple question posed by a senior marketing exec during a staff meeting.

More Trending

Information Governance Must Change


Information governance (IG) is all the rules, regulations, legislation, standards, and policies with which organizations need to comply when they create, share, and use information. Governance is mandated internally and externally. PHIGs IMC Inc – 2014 ).

Hacking the 0-day Supply Chain


I’ve been thinking about security and the supply chain a lot lately, likely for obvious reasons to anyone in the information security industry.

IoT's moment of truth -- who can secure the data flows?

Collaboration 2.0

Innovative Internet of Things efforts need the maturity and experience of industrial internet service providers to secure data platforms and drive growth

IoT 83

What Is Our Professional Future?

Brandeis Records Manager

George Despres, CRM. Program Director for University Records Management, Brandeis University. The content in this blog reflects the opinions of the author, and not of Brandeis University.). Like most people, I prefer to have a reasonable sense of job security, as long as my interest is engaged. I hope and need to remain in the workforce for many more years. At the risk of sounding alarmist, I have concerns about the records management profession’s long-range future.

My (somewhat unreliable) data protection predictions for 2017

Data Protector

I’ve recently had a quiet year on the blogging front – my professional duties have prevented me from playing a more active role on the Internet during this year than I would have liked, but that is set to change in 2017.

GDPR 156

My Latest Article Published at Document Strategy Magazine

Getting Information Done

How to Get Your Information Governance Projects Funded One of the big challenges for information governance professionals is getting buy-in from business stakeholders and sponsors for funding projects.

Excited for the 2017 AIIM Conference


I'm very excited for another AIIM Conference! AIIM17 will be held this March in Orlando. If you are an information professional, you will really benefit from attending the AIIM Conference. It is on my very short list of must-attend events in our profession.

Predictions 2016: Apple, Tesla, Google, Medium, Adtech, Microsoft, IoT, and Business on a Mission

John Battelle's Searchblog

The post Predictions 2016: Apple, Tesla, Google, Medium, Adtech, Microsoft, IoT, and Business on a Mission appeared first on John Battelle's Search Blog. Twelve years of making predictions doesn’t make writing them any easier, regardless of my relatively good showing in 2015.

IoT 83

Cryptographic Agility

Imperial Violet

( These are notes that I wrote up from a talk that I gave at the National Academies Forum on Cyber Resilience. You can tell that it was in Washington, DC because of the “cyber”. I wasn't quite sure how technical to pitch this talk so it's relatively introductory; regular readers probably know all this. This isn't a transcript of what I said, but I try to hit the main points in my notes. ). Firstly I'd like to separate extensibility from agility.

Topic Intelligence Infographic


Check out our infographic below and get accustomed to how Attensa topics work and what it can do for organizations. If you haven’t yet, feel free to read our introductory post on Topic Intelligence here which contains a useful explanation video on what topic intelligence is. Enjoy!

DB2 for z/OS: Using PGFIX(YES) Buffer Pools? Don't Forget About Large Page Frames

Robert's Db2

Not long ago, I was reviewing an organization's production DB2 for z/OS environment, and I saw something I very much like to see: a REALLY BIG buffer pool configuration. In fact, it was the biggest buffer pool configuration I'd ever seen for a single DB2 subsystem: 162 GB (that's the combined size of all the buffer pools allocated for the subsystem).

Blog 52

Taps ‘n’ Apps: Craft Beer Meets the Cloud


Note : this post contains links to every craft brewery in British Columbia and Alberta that I could find. Sadly, I have yet to sample all of their wares.

Siri Lock Screen Bypass in news your non security friends read

Roger's Information Security

This morning I read an article on Good HouseKeeping (don’t make fun, it was a link on one of the news links that get pushed in your face on my start page. I think it was Bing. I hate the news links but like the pictures). It’s interesting to see what security items make it into websites for ‘normal’ people.

MDM 49

HCL transcending US protectionism with clear alignment to client's global digital business needs & goals

Collaboration 2.0

HCL's 'Great Digital Leap Forward' will keep astute client partners ahead of US offshoring BPO political protectionism


Fact Denial and the Record Under Threat

Brandeis Records Manager

George Despres, CRM. Program Director for University Records Management, Brandeis University. The content in this blog reflects the opinions of the author, and not of Brandeis University.). As if we don’t have enough challenges, controlling information today. Part of our culture, at least here in the U.S., has embraced the acceptance of non-truths and the repudiation of facts in the record. It has also embraced the pseudo-record and fake news.

Apollo – they can’t still be up to their old tricks?

Data Protector

Two years ago I blogged about an unsettling experience I had with Apollo, a firm that had confused me as to what they were really all about. Since then, I’ve had a number of emails from people who have had similar experiences.

New White Paper Published

Getting Information Done

Not if, But When You Get Hacked: Measuring and Proactively Managing Information Risk If this is true, then what are organizations to do? These increased cyber security threats corporations face today is a big concern for Board members and CEOs.

How to Plan a Successful Information Management Solution Implementation


At the 2016 Information Governance Conference , I presented on "How to Plan a Successful Information Management Solution Implementation". Get my slide deck from SlideShare. Related: Check out my Reflections on the 2016 InfoGovCon. Summary Start with information strategy, architecture, and governance. Recruit an executive champion and cross-departmental partners. Partner with your IT organization. Plan for continuous implementation and improvement. Plan for user adoption.

The NewCo-BigCo Shift or, These Nine Things Will Change Business Forever

John Battelle's Searchblog

The post The NewCo-BigCo Shift or, These Nine Things Will Change Business Forever appeared first on John Battelle's Search Blog. Addressing the crowd at Dollar Shave before interviewing CEO Michael Dubin during NewCo LA last November. cross posted from NewCo ).

memcpy (and friends) with NULL pointers

Imperial Violet

The C standard (ISO/IEC 9899:2011) has a sane-seeming definition of memcpy (section The memcpy function copies n characters from the object pointed to by s2 into the object pointed to by s1. Apart from a prohibition on passing overlapping objects, I think every C programmer understands that.

Slack + Attensa


Slack is a powerful tool that has changed the way we communicate. Internally within an organization or publicly, people are able to leverage the power of channels (#) in the workplace. Now if you couple Slack with Attensa RSS publishing, you have something even better.

Sales 52

In Praise of the Invisible DB2 for z/OS System

Robert's Db2

I've been working with DB2 for z/OS -- as an IBMer, as a user, as an independent consultant -- for 30 years. I was with IBM when DB2 was introduced to the market. I've met people who were part of the core team at IBM that invented relational database technology. I was privileged to serve for a year as president of the International DB2 Users Group. DB2 has been very good to me, and the work I do as a DB2 for z/OS specialist I do with commitment and passion.

The More Things Change …


Last week I wrote that I’m starting to focus on a new market for my services; for a number of reasons I’ve decided to have a go at landing clients from the craft beer industry in Western Canada. Something I didn’t mention in last week’s post is that the craft beer scene in Alberta is booming.

Password Expiration

Roger's Information Security

FTC Chief Technologist Lorrie Cranor wrote in March it is time to reconsider mandatory password changes. Unless there is reason to believe a password has been compromised or shared, requiring regular password changes may actually do more harm than good in some cases. And even if a password has been compromised, changing the password may be ineffective, especially if other steps aren’t taken to correct security problems.). The prime reason given is users pick bad passwords.

We Must Improve the HTTPS Message


HTTPS is as important today as it has ever been. If you are transferring sensitive data you should use HTTPS to encrypt data in transit, that is not up for. Read More. The post We Must Improve the HTTPS Message appeared first on PerezBox. Security Web And Information Security

The Information Management Umbrella

Brandeis Records Manager

George Despres, CRM. Program Director for University Records Management, Brandeis University. The content in this blog reflects the opinions of the author, and not of Brandeis University.). A colleague at another university recently polled a listserv group of records managers in Higher Ed. The survey probed the records management programs’ locations within the organization. The last “extra credit” question was whether or not we would recommend our current organizational locations.

My 7 top security publications from the ICO

Data Protector

Given what can only be described as an omnishambles of security breaches, is there much more that the ICO can do to warn data controllers of the risks they should take account of? Probably not.

[0day] [exploit] Compromising a Linux desktop using. 6502 processor opcodes on the NES?!

Scary Beasts Security

Overview A vulnerability and a separate logic error exist in the gstreamer 0.10.x player for NSF music files. Combined, they allow for very reliable exploitation and the bypass of 64-bit ASLR, DEP, etc.