Ireland’s cybersecurity watchdog publishes new guidance for businesses
Ireland’s National Cyber Security Centre has published guidance on cybersecurity for Irish businesses. It’s a welcome addition to the roster of material available to help organisations to develop or refine their security strategy. The team at BH Consulting has picked out key points from the guide, and added some more context and analysis. The report’s […]
No-deal Brexit and GDPR: here’s what you need to know
Business craves certainty and Brexit is currently giving us anything but. At the time of writing, it’s looking increasingly likely that Britain will leave the EU without a withdrawal agreement. This blog rounds up the latest developments on data protection after a no-deal Brexit. (Appropriately, we’re publishing on Data Protection Day, the international campaign to […]
Cybersecurity for startups
In the early days of a startup, it’s easy to get caught up in the buzz of building a new business. Keeping so many plates spinning – from fundraising and hiring to shipping product – can mean security sometimes falls off the priority list. But in the face of ever-rising volumes of data breaches and […]
Malware threats in 2019
It’s unlikely we’ll ever look back fondly to a time when ransomware would announce itself noisily. But at least victims knew they were under attack. Now, the signs are that malware’s adopting sneaky tactics to avoid detection. Fileless malware looks set to be a significant security threat in 2019, and that could be bad news […]
Security newsround: January 2019
We round up interesting research and reporting about security and privacy from around the web. This month: the security year in review, resilience on rails, incidents in depth, phishing hooks millennials, Internet of Threats, and CISOs climbing the corporate ladder. A look back at cybercrime in 2018 It wouldn’t be a new year’s email without […]
Health research and the issue of consent
By 30 April of this year, any organisation conducting health research in Ireland must either get consent to GDPR standard or else obtain a consent declaration. But in order to do the former, they need to know what explicit informed consent is (also known as GDPR-level consent). The problem is, a lot of people don’t […]
Embedding better security culture beyond awareness
Listening to Ira Winkler’s presentation at this year’s Irisscon conference, one of his comments struck a chord. “The right culture is that you don’t need a good security awareness programme because a new employee sees how everyone behaves, and they behave exactly like them,” he said. By way of example, he recalled an incident from […]
Nine for 2019: New Year tips for cybersecurity and privacy professionals
A new year is almost upon us, and that means one thing: resolutions. Easily made, even more easily broken, they’re nevertheless a useful way of setting goals for the next 12 months. We asked Brian Honan, Tracy Elliott, Sarah Clarke, Valerie Lyons and David Prendergast to share their tips for information security practitioners and privacy […]
Yule never believe it: we sleigh the myth about GDPR and Santa
So we’ve all seen the jokes on WhatsApp and Facebook about Santa’s lack of GDPR compliance and how this would all be changed for Christmas 2018. You know the one: He’s making a list He’s checking it twice He’s gonna find out who’s naughty or nice Santa Claus is in contravention of article 4 of […]
Data protection impact assessments for health research: what’s changed under GDPR?
Since GDPR came into effect on 25 May this year, the health regulations have been updated to incorporate more stringent requirements around protecting personal information during healthcare research. The newly updated Health Research Regulations 2018 have raised the bar for carrying out a data protection impact assessment (DPIA). This post is the first in a […]