Security Roundup March 2025
Curated advice, guidance, learning and trends in cybersecurity and privacy, as chosen by our consultants. Finland finds state support sharpens SME security A report has found “significant improvements” to the security of 50 small businesses in Finland after a national fund was set up to help them. Between 2023 and 2024, Traficom’s Finnish Cyber Security […]
How boards can manage digital governance in the age of AI
If there is one statistic that sums up the increasing pace of technological change, it might well be this. Gartner forecasts that by 2026, more than 80 per cent of businesses will implement Generative AI in their production environments. To put this into context, GenAI use in business was just 5 per cent in 2023, […]
How effective is the EDPB website auditing tool for checking GDPR compliance?
Websites change and evolve frequently, so how can organisations ensure their sites stay on the right side of privacy regulations? Regular audits can help them achieve this goal – and the European Data Protection Board (EDPB) provides a free tool to do just that. I will share firsthand findings from an in-depth test, to determine […]
International Women’s Day: accelerating action against online harms
In cybersecurity, danger isn’t distributed equally. It’s a sad fact that women experience higher rates of online harassment, threats, and discrimination than men. This year’s International Women’s Day has the theme of Accelerate Action to address gender inequality, so, we’re going to look at how this subject plays out online. There’s a lot of evidence […]
Security Roundup February 2025
Curated advice, guidance, learning and trends in cybersecurity and privacy, as chosen by our consultants. The law’s long arm reaches wrongdoers Let’s start with some good news (for a change). Cybercriminals felt the heat from law enforcement last year, while ransomware payments fell. At the end of January, police forces from eight countries took down two of […]
Security Roundup January 2025
Curated advice, guidance, learning and trends in cybersecurity and privacy, as chosen by our consultants. Cyber risk remains top of mind for business leaders A regular January fixture, the World Economic Forum’s Global Risk Report 2025 features two technology-related threats among the top five risks for the year ahead and beyond. The report ranks risks by severity […]
Data Protection Day 2025: three takeaways for embedding privacy principles
A key theme of Data Protection Day 2025 is the evolving mandate of data protection. I feel this concept of evolution is worth exploring in more detail, because many organisations think of themselves either as ‘compliant’ or ‘not there yet’. That mindset doesn’t always allow for responding to changes in privacy and data protection. So […]
DORA arrives: Here’s what you need to know
Today the Digital Operational Resilience Act (DORA) becomes binding across the EU, aiming to strengthen financial entities’ stability and security. Arguably, it’s never been more needed than now. According to SailPoint, the financial industry was the most targeted sector for data breaches in 2024. Close to 65 per cent of financial organisations said they experienced a ransomware incident, […]
Opportunities and risks of AI coding assistants
The rise of AI coding assistants marks a significant leap forward in software development. With capabilities that streamline tasks, these tools promise a new level of efficiency. However, a recent joint report by France’s National Cybersecurity Agency (ANSSI) and Germany’s Federal Office for Information Security (BSI) highlights crucial security and privacy considerations for organisations adopting […]
Security Roundup November 2024
Curated advice, guidance, learning and trends in cybersecurity and privacy, as chosen by our consultants. Microsoft moves to lock down admin accounts against exploits Microsoft is introducing a new security feature for Windows 11 called Admin Protection, designed to make admin accounts more secure during privileged or sensitive actions. Currently in testing, Admin Protection isolates high-level privileges […]