Meet the new flaws, same as the old flaws: how to do vulnerability management better

Vulnerability management

When it comes to vulnerability management, the old Donald Rumsfeld quote about ‘known knowns and unknown unknowns’ springs to mind. Unless an organisation understands what its weak points are, how can it strengthen or mitigate them, or accept the risks? Carrying out a vulnerability assessment and evaluating the risk from any weak points it uncovers […]

Security Roundup February 2021

Cybersecurity

Curated advice, guidance, learning and trends in cybersecurity and privacy, as chosen by our consultants. Crime doesn’t pay… unless you’re in the ransomware business. Ransomware victims shouldn’t use their insurance firms to pay to get their data back because they’re inadvertently funding organised crime. That was the harsh message from Ciaran Martin, former head of […]

BH Consulting webinar looks at EU data transfer fallout from Schrems II

SCCs

In our latest webinar, we looked at the EU data transfer fallout from Schrems II. Any company transferring data outside the EU needs to identify any risks arising from international transfers to ensure it can comply with EU levels for protecting personal data. That was one of the key conclusions from BH Consulting’s webinar about […]

Security Roundup January 2021

Cybersecurity

Curated advice, guidance, learning and trends in cybersecurity and privacy, as chosen by our consultants. Do we really have to look back at 2020? It turns out COVID-19 was far from the only bad news during the past year. From a cybersecurity perspective, the year had more than its share of incidents. Unsurprisingly, the SolarWinds supply chain attack […]

What’s changing for Standard Contractual Clauses?

EU data transfer

For organisations needing to transfer data internationally, Standard Contractual Clauses (SCCs) are one option for staying compliant with the GDPR. But following the Schrems II ruling last summer, SCCs have been upgraded. In the third blog in our series on the CJEU ruling, Sarah Clarke looks at what’s changing for SCCs. SCCs are one of […]

International Transfers – Understanding the EDPB Guidance

EU data transfer

The European Data Protection Board (EDPB) has issued its anticipated recommendations that describe how controllers and processors transferring personal data outside the European Economic Area (EEA) may comply with the ‘Schrems II’ ruling from now on. This is the second blog in our series on the evolving international transfers landscape following the Court of Justice […]