I was lucky enough to get to talk at the Diana Initiative 2020 conference. One particularly bright side to complement all the compromises we have been making this year. I have wanted […]
We’ve migrated from ‘Hot or Not?’ to being held virtually hostage by many of the digital platforms we rely on today. In the midst of that a new processing paradigm has emerged. Myriad startups want to pay to play with your personal data. Can that tackle on-going privacy and human rights issues?
…and the architects, designers, data scientists, and developers will think we are nuts. People will buy AI without asking enough questions…it’s human and market nature.
On the face of it organisations were just made liable for nefarious data doings of any nasty individual they might have had the misfortune to employ… or nice employees who just mess […]
Welcome back! This is a shamefully delayed sequel to my first instalment of security themed GDPR thoughts: Data Protection, Security, and the GDPR: A fraught and fuzzy relationship. Here I look back […]
Confirm whether you are in or out of scope of the #GDPR and ask yourself why that’s important.
Anyone with any knowledge of the goings on in digital advertising, political campaign management, or (for that matter) military information operations, will have been utterly unsurprised by the news over the last […]
There can be no security without data protection. There can be no data protection without security. Of course neither is true. These kinds of click-baity absolutist positions are a pervasive internet blight […]
So you’ve found, sorted and mapped data, but can you implement required processing controls? #GDPR
There is one question related to the General Data Protection Regulation that will arguably cause more ulcers than any other: How much is enough? In some portions of the GDPR ‘good’ is […]
Automated Data Discovery – What’s the real #GDPR value-add? And have you got what it takes to realise it?
Lessons learned along the way and plans to help you avoid FUD provoked GDPR investment
Part of the Infospectives Diary Of An InfoSec Kid series. Originally written about the Kiddicare hack, but now 117 Million LinkedIn usernames and passwords have been found for sale on the darknet […]
Blockchains are tackling the ‘I’ in the holy InfoSec CIA trinity more simply and robustly than anything that’s gone before, but can we grasp this well enough to avoid expensive purchasing and security mistakes?
Maria Korolov, writing for CIO Online, summarised key findings from (ISC)2’s recent report on Women In Security. A report informed by their 2015 Global Information Security Workforce Study. The standout figure? […]
Wild Speculation & IT Transformation – A four-part story of budget cuts, blamestorming, breaches and massive bumps in the road to mature security.
It looks entirely possible you will have ‘adequate’ security dictated by your insurers, so it is your job to understand the risk based yardstick they’re using to define that
There is no such thing as Information Security risk. There are just business risks that have one or more security or IT related causes.
Mystifying online privacy policies, frenzied Facebook data harvests and the ‘right to be forgotten’. Can they work together and how easy is it for users and businesses to find the right side of the law?
The below is something I wrote in late 2016 to get a bubbling sense of dread out of my far too busy head. Originally posted under a pseudonym elsewhere, then removed because […]
Busking on some mental connections made. A purely subjective meander through some thoughts provoked in the last few days.
Thinking out loud, with the help of Robin Wilton (@futureidentity), about gut reactions to the next big startup thing in this data protection and privacy space.
TL;DR I’ve lost a lot of weight, I plan to lose plenty more, and the whole thing is lousy with analogies for the day job. …about a whale ball worth In the last […]