Cybersecurity awareness training: a constant in a changing world
There are two schools of thought when it comes to users and cybersecurity. Some people working in the industry think of users as the weakest link. We prefer to see them as the first line of defence. Cybersecurity awareness training programmes can address staff shortcomings in knowledge, promote positive behaviour and equip non-experts with enough […]
Ransomware remains a risk, but here’s how you can avoid infection
It’s been a case of good news/bad news when it comes to ransomware recently. New figures from Microsoft suggest that Ireland had one of the lowest rates of infection in the world in 2018. But in early May, a sophisticated strain of ransomware called MegaCortex began spiking across Ireland, the US, Canada, Argentina, France, Indonesia […]
GDPR one year on
May 2019 marks the first anniversary since the General Data Protection Regulation came into force. What has changed in the world of privacy and data protection since then? BH Consulting looks at some of the developments around data breaches, and we briefly outline some of the high-profile cases that could impact on local interpretation of […]
Security roundup: May 2019
We round up interesting research and reporting about security and privacy from around the web. This month: password practice, GDPR birthday, c-suite risk, and further reading for security pros. Passwords: a good day to try hard No self-respecting security pro would use easy passwords, but could they say the same for their colleagues (i.e. everyone […]
BH Consultings guide to data classification
As information security professionals, we often face a challenge when trying to explain what we mean by ‘data classification’. So here’s my suggestion: let’s start by not calling it that. In my experience, the minute you call it that, people switch off. Our role should be to try to engage an audience, not scare them […]
Security roundup: April 2019
We round up interesting research and reporting about security and privacy from around the web. This month: healthy GDPR, gender rebalance, cookie walls crumble, telecom threats and incident response par excellence. A healthy approach to data protection Ireland’s Department of Health is now considering amendments to the Health Research Regulations, with data protection as one […]
Password-less future moves closer as Google takes FIDO2 for a walk
For years, many organisations – and their users – have struggled with the challenge of password management. The technology industry has toiled on this problem by trying to remove the need to remember passwords at all. Recent developments suggest we might finally be reaching a (finger) tipping point. At Mobile World Congress this year, Google […]
When is it fair to infer?
While the GDPR framework is robust in many respects, it struggles to provide adequate protection against the emerging risks associated with inferred data (sometimes called derived data, profiling data, or inferential data). Inferred data pose potentially significant risks in terms of privacy and/or discrimination, yet they would seem to receive the least protection of the […]
Five data protection tips from the DPC’s annual report
The first post-GDPR report from the Data Protection Commission makes for interesting reading. The data breach statistics understandably got plenty of coverage, but there were also many pointers for good data protection practice. I’ve identified five of them which I’ll outline in this blog. Between 25 May and 31 December 2018, the DPC recorded 3,542 […]
Security roundup: March 2019
We round up interesting research and reporting about security and privacy from around the web. This month: ransomware repercussions, reporting cybercrime, vulnerability volume, everyone’s noticing privacy, and feeling GDPR’s impact. Ransom vs ruin Hypothetical question: how long would your business hold out before paying to make a ransomware infection go away? For Apex Human Capital […]