Neil Ford, Author at IT Governance Blog En

Cyber attacks and data breaches in review: September 2021

Neil Ford 4th October 2021 Cyber Security No Comments

In September, we noted 97 security incidents comprising 91,127,815 million breached records. A single incident accounted for 61 million of those breached records – the same number compromised in the whole of August. As ever, you can find the full …

[Continue Reading...]

GDPR: third-party data processors’ responsibilities

Neil Ford 12th March 2020 GDPR No Comments

Under the GDPR (General Data Protection Regulation), your organisation’s compliance requirements depend on whether you are a data controller or data processor. A data controller is the person or organisation that determines how and why personal data is processed. A data processor is the person or …

[Continue Reading...]

The benefits of implementing an ISMS

Neil Ford 19th March 2019 ISO 27001 No Comments

The international standard ISO/IEC 27001:2013 (ISO 27001) sets out the requirements for an ISMS (information security management system), an approach to securing information that relies on regular risk assessments to ensure the measures you put in place are appropriate to …

[Continue Reading...]

Auditing your GDPR compliance

Neil Ford 25th June 2018 Data Protection, GDPR No Comments

The EU General Data Protection Regulation (GDPR) has imposed many new obligations on organisations that process EU residents’ personal data. An audit will assess whether your organisation is meeting these obligations.

[Continue Reading...]

Non-EU organisations block European traffic to avoid GDPR obligations

Neil Ford 20th June 2018 Data Protection, GDPR, Irish Blogs No Comments

As well as applying to all organisations in the EU that process personal data, the GDPR (General Data Protection Regulation) applies to non-EU organisations that offer goods and services to, or monitor the behaviour of, EU residents.

[Continue Reading...]

Ransomware relies on human fallibility – it’s time to patch the human

Neil Ford 5th June 2017 Cyber Security, Product Blog No Comments

Crypto-ransomware – malware that extorts money from victims by encrypting their files and systems until they pay a ransom – has been much in the news since WannaCry hobbled IT systems around the world last month. While much was made …

[Continue Reading...]

European Commission announces Safe Harbor replacement: the EU-US Privacy Shield

Neil Ford 3rd February 2016 Cyber Security, Data Protection No Comments

The European Union and the United States have reached a last-minute agreement on international data transfers following last October’s ruling by the European Court of Justice that Safe Harbor, the 15-year-old pact between the EU and the US, was invalid. …

[Continue Reading...]

European Data Coalition lobbies against GDPR Article 43a – the ‘anti-FISA’ clause

Neil Ford 3rd September 2015 ISO 27001 No Comments

One area on which no agreement was reached, however, was Article 43a (aka the anti-FISA clause), which was proposed by the European Parliament following Edward Snowden’s revelations.

[Continue Reading...]

GDPR Trilogue: “satisfying agreement” on EU data protection law

Neil Ford 3rd August 2015 Cyber Security, Data Protection, ISO 27001 No Comments

Progress continues to be made on the EU General Data Protection Regulation (GDPR) – albeit slowly. Last month’s round of GDPR negotiations – the second ‘trilogue’ between the European Parliament, the European Council and the European Commission – addressed the …

[Continue Reading...]

New German cyber security law to protect critical infrastructure

Neil Ford 13th July 2015 Cyber Security 4 Comments

Germany has passed a new IT security law requiring critical infrastructure institutions to implement minimum information security practices or face fines of up to €100.000. The new law, which was drafted last August, was passed by the Bundestag last month …

[Continue Reading...]

Neil Ford Archive