Loading

How to write a GDPR data protection policy…

A version of this blog was originally published on 6 February 2018. The GDPR (General Data Protection Regulation) isn’t just about implementing technological and organisational measures to secure the information you store. You also need…

Zipcar Disruption

This isn't a security story, but it easily could have been. Last Saturday, Zipcar had a system outage: "an outage experienced by a third party telecommunications vendor disrupted connections between the company's vehicles and its…

ISO 27001 Lead Implementer, Lead Auditor and Internal…

A version of this blog was originally published on 25 June 2018. Anyone interested in getting into or advancing their career in cyber security probably knows that they will need training and qualifications. But given…

An Argument that Cybersecurity Is Basically Okay

Andrew Odlyzko's new essay is worth reading -- "Cybersecurity is not very important": Abstract: There is a rising tide of security breaches. There is an even faster rising tide of hysteria over the ostensible reason…

Loading

Morrisons heads to the Supreme Court over data…

The Supreme Court has given Morrisons permission to appeal a ruling that found the supermarket liable for a data breach caused by a malicious insider. Morrisons has lost two cases related to its March 2014…