REQUEST A DEMO

Blog

Third-Party Risk and the Digitisation of the Public Sector

Third-Party Risk and the Digitisation of the Public Sector   The public sector handles some of the most private and sensitive personal data, including financial, health and social security records, and citizens have the right to expect it will be managed as safely and securely as possible. At the same time there is an ever-increasing…

LEARN MORE

Exercising Good Data Privacy and Compliance Judgement

Exercising Good Data Privacy and Compliance Judgement   Those of us in the privacy profession knew it was only a matter of time that privacy-minded organisations would eventually see the benefits of their internal analysis and hard work. Their efforts to refine and/or create policies, procedures, standards and practices that better secure and guard privacy…

LEARN MORE

Data Protection Day – A timely reminder of the principles and importance of GDPR 3rd Party Compliance

Happy Data Protection Day! January 28th 2019 is Data Protection Day (a.k.a. Data Privacy Day), providing a focal point to the importance of respecting privacy, safeguarding data and enabling trust between data subjects and those who store, process and use their data. In support of Data Protection Day the web site www.staysafeonline.org provides a suite…

LEARN MORE

Understanding and addressing “Outsourcing Risk” – responding to the CBoI’s Nov 2018 discussion paper

In November 2018 the Central Bank of Ireland published the discussion paper “Outsourcing” providing findings and Issues for discussion based upon observations derived from their survey of regulated firms and ongoing supervisory engagement, risk assessments and reviews. As the CBoI says themselves “These observations highlight the need to ensure outsourcing risk is a core priority…

LEARN MORE

Marriott’s Data Breach Underscores Importance of Scrutinising Data Security Policies During M&A

Massive data breach also gives rise to calls for stronger data protection legislation The ever-increasing line of corporate data breaches grew longer last week, as Marriott International disclosed that it had been the latest victim of a massive cyber-attack.  On Friday, November 30th, 2018, Marriott announced the largest data breach in its history that compromised…

LEARN MORE

Fear, Uncertainty and Doubt May Be Clouding Cyber Insurance and ERM-Cybersecurity Integration

As cybersecurity programs become more integrated into enterprise risk management (ERM) programs, security professionals grapple with new issues. Rather than relying on fear, uncertainty and doubt (FUD) to fuel their business case for budget increases, cybersecurity leaders are striving to quantify the business impact and probability of cybersecurity events while evaluating new options, including cyber…

LEARN MORE

Missing the point? Should cyber insurance cover GDPR fines?

Should cyber insurance cover GDPR fines? I see the interesting debate around whether GDPR fines should be covered within corporate cyber insurance policies has raised its head again. See Law360’s GDPR Fines May Be Uninsurable, Broker Warns and Are GDPR Fines Insurable? UK Watchdog Won’t Say With increasing regulation and scrutiny placed on organisations and…

LEARN MORE

Expect the Unexpected: 5 Keys to Managing Third Party GDPR Risk

Expect the Unexpected: 5 Keys to Managing Third Party GDPR Risk As the European Union’s (EU’s) General Data Protection Regulation (GDPR) May 25 effective date approached this spring, its sweeping compliance requirements socked companies with major surprises. The regulation’s global jurisdictional reach, EU-specific definition of “sensitive data,” steep penalties, hefty compliance costs, and applicability to…

LEARN MORE

3rd Party Vendor Breach Leaves Thousands of “Vulnerable People” at Risk

A security incident at The Pennsylvania Department of Corrections has compromised the personal information of a seemingly “vulnerable population” Recently, Accreditation, Audit, and Risk Management Security LLC, an online systems vendor for the Pennsylvania Department of Corrections, suffered a data breach that exposed the Personally Identifiable Information (PII) – including names, Social Security Numbers, medical…

LEARN MORE

Digital Transformation Gives Rise to 3rd Party Vendor Vulnerabilities

3rd party vendor relationships present plenty of opportunities for cybercriminals   Digital transformation is imperative for any business striving to deliver value to customers and remain relevant in fiercely competitive landscapes. Whether moving an existing infrastructure to a cloud platform or incorporating IoT devices and analytics into business models, these technologies enable organisations to increase…

LEARN MORE