Ireland’s cyber security strategy goes public (in every sense)
The Department of Communications has published the long-awaited new National Cyber Security Strategy for Ireland. The strategy covers from 2019 to 2024 and focuses mainly on critical national infrastructure and public sector systems and data. An update to the 2015 strategy, the new plan aims to ensure the State’s infrastructure and computer networks are “resilient, safe and secure”.
The Irish Times report on the publication led with the risk to the many data centres in the country from a possible attack. The Journal noted that attacks against Government departments and online services happen regularly, but many never become public. You can read the full 60-page strategy document here. One apparent omission in the plan is protection of the private sector, as Brian Honan noted in the Daily Swig. Stay tuned to the BH Consulting blog over the coming weeks, where we’ll have more in-depth analysis of the strategy.
Diversity in security
Like many technology disciplines, the infosecurity profession has been making efforts to improve diversity and promote inclusion. ISACA’s Ireland chapter is hosting a SheLeadsTech event on Thursday 16 January, which will feature BH Consulting’s Chief Operations Officer Valerie Lyons, who will speak about how diversity and inclusion is part of the company’s DNA. Valerie will also take part in a Q&A with the event’s other presenters. The event takes place at the Zurich Insurance Dublin Technology Hub. There’s more information at ISACA Ireland and registration is free at this link.
Valerie also contributed to a recent episode of the Women in Security podcast late last year. In a wide-ranging conversation with presenter Lifen Tan, Valerie talked about her experiences from 30 years of working in the technology industry, and reflected on lessons learned in her working career and personal life along the way. She also spoke about learning as a lifelong skill, and how her passion for privacy grew into her pursuit of a PhD. The episode is available on all good podcast platforms, including Apple podcasts, Breaker, Spotify,
Data protection developments
Could the proposed new ePrivacy Regulation be about to undergo a substantial revision? First mooted in 2017 as a replacement for the 2002 version, the plan came in for criticism from several EU Member States. Bloomberg reported that ministers from countries including Austria, Belgium, the Czech Republic, France, Germany, and Poland said the 2017 proposal was outdated and argued its limits on processing of communications data could hurt the technology industry. Internal Market Commissioner Thierry Breton said a revised proposal could appear while Croatia holds the EU presidency, during the first half of 2020.
Closer to home, the Data Protection Commission has published guidance for organisations looking to engage with cloud service providers. With growing numbers of cloud storage services for sharing documents, videos and other files, the DPC said: “The use of any cloud services as part of their business is an important area in which organisations need to ensure there is adequate security for the personal data they process.” The six-page booklet is free to download here.
Links we liked
Security advocate Javvad Malik delivers his 2020 predictions for security, with a twist. MORE
A look back at popular malware seen during 2019. MORE
A look even further back, as the hacking archive’s free online resource shows infosec workers
TrustedSec has open sourced its legal documentation as a template for security tests. MORE
Lesley Carhart shares commonly forgotten best practices for personal digital security. MORE
The maleficent seven: security incidents that cost CSOs their jobs. MORE
Infosecurity Magazine considers the future for antivirus in a malware world. MORE
Is your company suffering from supplier Stockholm Syndrome, asks Sarah Clarke. MORE
A complete guide to DDoS, featuring commentary from Brian Honan. MORE
New year, new role? Thinking of becoming a pen tester? Here’s what to know first. MORE