Absent incident response spells trouble for Travelex

In an ideal world, humans would only ever learn from doing things right, but failure is a persistent teacher. That’s why for every Norsk Hydro or Maersk competently and professionally handling major security incidents, there’s also a Travelex. In this blog, we dig into why the world’s largest foreign exchange company has become the latest […]
Cybersecurity and data protection in 2019: the BH Consulting year in review (part 2)

Security is a busy field, and 2019 was no exception. Following last week’s blog looking back at the first six months of the year, here’s the second part covering cybersecurity, data protection and privacy stories that emerged between July and December. July: Summertime and the living wasn’t easy if your company was called BA or […]
We are hiring – Data Protection Consultant

Due to market growth and continued expansion, BH Consulting is looking to augment its growing DPO-as-a-service team by hiring a new Data Protection Consultant. The candidate is passionate about data protection and is keen to demonstrate this. The candidate has at least 5 years’ experience in data protection or IT data project management, and is likely to […]
Cybersecurity and data protection in 2019: the BH Consulting year in review (part 1)

It’s that time of year again, where we look back at, and reflect on, the previous 12 months. In that spirit, here’s the BH Consulting review of 2019. The roundup we present is our take on cybersecurity, data protection and privacy issues. As regular readers will know, we don’t aim to be a website of […]
ISO 27001 extends privacy controls – what this means in practice

The International Organization for Standardization (ISO) recently published an extension to ISO/IEC 27001 and 27002 for privacy information management. In this post, we’re going to take a closer look at this development. As regular readers of this blog will know, we at BH Consulting are big supporters of the ISO 27001 information security standard (note: […]
Lessons learned from public services card

Today the DPC provided its 170-page, long-awaited findings into the validity of the Public Services Card (PSC) to the Department of Social Protection, leading to calls for the Minister to resign – so how badly did the Irish Government violate our data protection rights? Initial concerns were raised about the card some years ago as […]
Data protection roles in customer service and trust

Some organisations and companies are “hiding behind” their data protection and privacy obligations, and it’s leading to poor customer service. In doing so, they’re missing an opportunity to build trust and deliver a better customer experience. That’s the view of Valerie Lyons, BH Consulting’s COO and senior consultant, in a recent interview with the Irish Independent. The General […]
Nine lessons for strong incident response and recovery in a data breach

Data breaches are rarely out of the headlines, but the recent proposed fines against BA and Marriott will have pushed this risk back to the forefront for many businesses. Like many security threats, breaches are nothing new; we’ve covered this subject on our blog many times in the past. A data breach can take many […]
Five tips for managing data subject access requests under GDPR

“Information wants to be free”, was the old technology activist’s mantra – but someone has to pay the price. The catchphrase has taken on fresh meaning since the General Data Protection Regulation (GDPR) came along. It’s made people more aware they are entitled to copies of information about themselves, and it’s placing a heavy workload […]
Lessons learned from BA and Marriott data breaches

There’s been lots of talk about regulations with bite, a watchdog baring its teeth, and that ‘the gloves are off’ after the UK Information Commissioner’s Office one-two punch of a £184 million fine against British Airways, and £99 million against Marriott International announced a day later. It certainly looks like the ICO went for the […]