Security Roundup September 2019
House of cards collapses from privacy overreach One of the summer’s big data privacy stories saw Ireland’s data protection watchdog criticise the Government’s Public Services Card scheme. Originally just for accessing social welfare payments, the PSC scheme expanded over time. The DPC’s investigation found the Government had no legal basis to tell citizens they needed […]
Good password practice
Few things are as central to the concept of security as passwords. Guarded by those who have them, coveted by those who want them, passwords are the keys to the proverbial kingdom. The kingdom in this case being the ever-expanding range of online services we use in our daily lives. Passwords unlock services that help […]
Lessons learned from public services card
Today the DPC provided its 170 page long awaited findings into the validity of the Public Services Card (PSC) to the Department of Social Protection leading to calls for the Minister to resign – so how badly did the Irish Government violate our data protection rights? Initial concerns were raised about the card some years ago as […]
Data protection roles in customer service and trust
Some organisations and companies are “hiding behind” their data protection and privacy obligations, and it’s leading to poor customer service. In doing so, they’re missing an opportunity to build trust and deliver a better customer experience. That’s the view of Valerie Lyons, BH Consulting’s COO and senior consultant, in a recent interview with the Irish Independent. The General […]
Security roundup: August 2019
Every month, we dig through cybersecurity research, trends, advice and news for our readers. This month: pwning an entire country, data protection developments, and why anonymised data could still add up to your identity. Bulgarian rhapsody As data breaches go, four million records barely registers on the scale these days but this one was different. […]
Nine lessons for strong incident response and recovery in a data breach
Data breaches are rarely out of the headlines, but the recent proposed fines against BA and Marriott will have pushed this risk back to the forefront for many businesses. Like many security threats, breaches are nothing new; we’ve covered this subject on our blog many times in the past. A data breach can take many […]
Five tips for managing data subject access requests under GDPR
“Information wants to be free”, was the old technology activist’s mantra – but someone has to pay the price. The catchphrase has taken on fresh meaning since the General Data Protection Regulation (GDPR) came along. It’s made people more aware they are entitled to copies of information about themselves, and it’s placing a heavy workload […]
Lessons learned from BA and Marriott data breaches
There’s been lots of talk about regulations with bite, a watchdog baring its teeth, and that ‘the gloves are off’ after the UK Information Commissioner’s Office one-two punch of a £184 million fine against British Airways, and £99 million against Marriott International announced a day later. It certainly looks like the ICO went for the […]
Security roundup: July 2019
Every month, we dig through cybersecurity and data protection research, trends, advice and news for our readers. This month: T&Cs, stronger security in Europe, and a birthday with bitter memories. Policing policies to protect privacy One of the greatest lies on the internet is “I have read the terms and conditions”. But maybe most people […]
BH Consulting archives: fake invoicing scams are a constant security risk
Trawling through archives can quickly turn bittersweet when it hits home how little has changed between past and present. Looking back through the posts on BHconsulting.ie, invoice redirect scams have featured regularly since 2015. Fast forward to 2019: An Garda Siochana warned that this fraud cost Irish businesses almost €4.5 million this year. The global […]