Luke Irwin Archive
Alphabet soup: that’s what it is. A real alphabet soup. The GDPR, CCPA, HIPAA, COPPA, GLBA, and LGPD. All of these letters represent laws. Laws here, there, and everywhere. Laws in Europe. Laws in the U.S. Laws in Brazil. Laws …
Next year, organizations across the U.S. will have a new law to contend with when collecting personal data – the CCPA (California Consumer Privacy Act). Under the new rules, which take effect from January 1, 2020, organizations must tell California …
The GDPR (General Data Protection Regulation) isn’t only about preventing data breaches (it’s equally focused on strengthening data subjects’ rights), but organisations have understandably honed in on the importance of effective data protection. Both objectives have clear benefits for organisations, but the …
Cyber attacks are an increasingly serious risk for organizations, but many senior staff seem to believe that their organization won’t be targeted. They might say that their organization is too small to be on attackers’ radars, or that they don’t …
On one of IT Governance’s EU General Data Protection Regulation (GDPR) training courses last year, a delegate from a well-known financial services company asked: I’ve just come on the course to understand how the GDPR works. Why do I need …
Whenever organizations seek certification, they rely on the good judgment of auditors. Most of the time that’s fine, but sometimes auditors pick up bad habits and make poor decisions. If you’re an auditor or an organization that’s being audited, you …
If you’re trying to advance your cybersecurity career, there’s good news. A report from job listings site Indeed found that the number of advertised cybersecurity jobs increased by 3.5% between March 2017 and March 2018. The report also lists the …
Many people mistakenly think that information security is all about technology. It obviously plays a massive part in any organization’s security measures, but technology alone can’t protect you from modern cyber threats. Rather, it forms one of three pillars on …
Information security policies are essential for tackling organizations’ biggest weakness: their employees. Everything an organization does to stay secure, from implementing state-of-the-art technological defences to sophisticated physical barriers, relies on people using them properly. It only takes one employee opening a phishing …
Just months earlier, the attorney generals from all U.S. states announced that California-based Uber was hit with a $148 million fine for failing to report a 2016 data breach. Now, the UK’s ICO (Information Commissioner’s Office) has fined Uber £385,000 …
