Data Breach Preparation and Response in Accordance With GDPR

Many may be familiar with the guidelines on personal data breach notification from the Article 29 Working Party (WP29), prepared in October 2017 under Regulation 2016/679. In addition, the General Data Protection Regulation (GDPR) introduces the requirement for a personal data breach (henceforth “breach”) to be notified to the competent national supervisory authority. The basic concept of [...]

Cloud Security: Embracing Change Requires a Mindset Shift

When meeting with organizations across EMEA, I often hear them cite concerns about putting security in the cloud. However, in the following discussions, they typically admit that doing just that is inevitable. There’s a mindset change here that needs to be embraced on all sides of the cybersecurity equation. I’ve worked previously with companies operating [...]

GDPR Can’t Fix Stupid

GDPR, the much-discussed General Data Privacy Regulation from the European Union, will not be a cure-all for the world’s data privacy problems simply because the GDPR, like every law, is subject to the bureaucracy out of which it was born. This bureaucracy can be compared to a super tanker and those who would violate the [...]

Automating Cloud Security with Ansible and Palo Alto Networks

History has shown that using automation to perform repetitive tasks without human assistance can result in labor and production cost reductions as well as improvements to quality, accuracy and precision. In the ongoing effort to protect applications and data from bad actors, automating repetitive security tasks allows you to achieve the same benefits of accuracy, [...]

Should CISOs Expand Their Portfolios?

CISOs have traditionally focused on the triad of “Confidentiality, Integrity and Availability.” Recently, emphasis has been placed on confidentiality, hackers and zero-day attacks. However, industry trends now require that focus to broaden to all business information risks within organizations. Since information is a key part of almost all business transactions, information risks are becoming pervasive. The [...]