Conor Donnelly Archive
Last Friday, Facebook announced that it has uncovered a bug that may have affected up to 6.8 million of its members. This bug gave third-party apps access to more users’ photos than they originally thought. The bug was found in …
Under the EU GDPR (General Data Protection Regulation), which came into force on 25 May 2018, certain organisations are required to appoint a DPO (data protection officer).
Staff awareness is key to ensuring an organisation is secure. All members of staff need to be able to spot suspicious activity and, more importantly, know who to report this to, to ensure it is properly dealt with.
Organisations should take a “human-first approach” to preparing for the Directive on security of network and information systems (NIS Directive), the new law designed to help ensure that essential services remain operational, says the co-founder and chief technology officer of …
Control A15.2 of ISO 27001 requires that, as part of an information security management system (ISMS), “managers within an organisation ensure that security policies are followed”. Here are five practical tips to consider when planning your internal audits.
Keeping cardholder data secure can be incredibly difficult, but have you tried… not storing so much information? You’d be surprised at how effective that apparently flippant advice is. Organisations often store more information than they need, making security trickier than …
The requirements of the Payment Card Industry Data Security Standard (PCI DSS) should be considered the starting point of security. The Standard doesn’t cover everything that organisations can do to protect payment card data, but it does cover everything that …
The GDPR will not require transposition into law, so organisations involved in data processing of any sort need to be aware that it addresses them directly and that they must comply.
Supervisory authorities such as Ireland’s Data Protection Commissioner (DPC) have highlighted ISO 27001, the international standard that describes best practice for an information security management system (ISMS), to provide assurance that the necessary technical and organisational requirements to prevent a …