Security Roundup February 2021

Curated advice, guidance, learning and trends in cybersecurity and privacy, as chosen by our consultants. Crime doesn’t pay… unless you’re in the ransomware business: Ransomware victims shouldn’t use their insurance firms to pay to get their data back because they’re inadvertently funding organised crime. That was the harsh message from Ciaran Martin, former head of […]
BH Consulting webinar looks at EU data transfer fallout from Schrems II

In our latest webinar, we looked at the EU data transfer fallout from Schrems II. Any company transferring data outside the EU needs to identify any risks arising from international transfers to ensure it can comply with EU levels for protecting personal data. That was one of the key conclusions from BH Consulting’s webinar about […]
Security Roundup January 2021

Curated advice, guidance, learning and trends in cybersecurity and privacy, as chosen by our consultants. Do we really have to look back at 2020? It turns out COVID-19 was far from the only bad news during the past year. From a cybersecurity perspective, the year had more than its share of incidents. Unsurprisingly, the SolarWinds supply chain attack […]
What’s changing for Standard Contractual Clauses?

For organisations needing to transfer data internationally, Standard Contractual Clauses (SCCs) are one option for staying compliant with the GDPR. But following the Schrems II ruling last summer, SCCs have been upgraded. In the third blog in our series on the CJEU ruling, Sarah Clarke looks at what’s changing for SCCs. SCCs are one of […]
Rioters Open Capitol’s Doors to Potential Cyberthreats

Security Experts: Federal Computer System in Capitol Building Is Endangered
International Transfers – Understanding the EDPB Guidance

The European Data Protection Board (EDPB) has issued its anticipated recommendations that describe how controllers and processors transferring personal data outside the European Economic Area (EEA) may comply with the ‘Schrems II’ ruling from now on. This is the second blog in our series on the evolving international transfers landscape following the Court of Justice […]
3 myths about ISO 27001 certification

If you are currently weighing up your options for ISO 27001 certification, you might be interested in three of the most common misconceptions about the Standard.
Parting Shots (Q4 2020 Issue)

The seven nations called on technology companies to work with governments to take the following steps in order to “focus on reasonable, technically feasible solutions:
Is California’s new privacy law just an Act? (CPRA)

When the California Consumer Privacy Act (CCPA) became effective on 1 January 2020, California became the first U.S. state with a consumer privacy law. According to the State’s attorney general, CCPA “gives consumers more control over the personal information that businesses collect about them”. On 3 November 2020, Californians then voted in favour of Proposition […]
Lawful processing after Schrems II – a practical guide for continued compliance

The fallout from the European Court of Justice (CJEU)/Schrems II ruling on the validity of the US/EU Privacy Shield continues to have an impact on organisations. The ruling makes it challenging to transfer data to countries where equivalent data protection is not possible, leaving companies with the difficult task of finding a defensible position for […]