Minimum Cyber Security Standard

11th July 2018 Author: InfoSaaS

With the breadth and sophistication of cyber threats growing on a daily basis, new initiatives are frequently published to boost levels of cyber resilience. During the last week of June, the UK Government Cabinet Office, in conjunction with the National Cyber Security Centre, published the "Minimum Cyber Security Standard" (MCSS) which provides a mandatory framework of ten areas where a minimum acceptable approach is required to protect the sensitive data and supporting systems of UK public...

ICO and Fees for Data Controllers under GDPR

4th April 2018 Author: InfoSaaS

We've commented previously that a general perception of GDPR was that there would be a removal of the annual registration cost which is currently paid to the Information Commissioner's Office for registration under the UK Data Protection Act of 1998. What has since been clarified is that whilst data controllers will need to maintain their own records of data processing (as per Article 30), the ICO has communicated that an annual fee will apply for all data controllers, which will help to fund...

Dude, where’s my data?

15th March 2018 Author: InfoSaaS

Everyone's getting a little weary of the GDPR countdown by now. We have a little over two months to go, and amazingly some organisations have yet to define a meaningful project that will help them to (a) achieve legal compliance, and (b) respect their customers' personal data and prove that they can be trusted to look after it. We've commented previously on the many "silver bullet" solutions that will magically solve all your data protection woes (they won't), and the army of GDPR snake oil...

GDPR … which Article?

9th December 2017 Author: InfoSaaS

We've noticed that many organisations who are preparing for the introduction of GDPR in just over six-months' time have not yet found a reason to locate and download the the Regulation itself. Incidentally, this can be found here. Within this wordy document, there are no less than 99 separate articles which cover every aspect of how GDPR will operate. In response to a recent request, we thought that it would be worthwhile for us to extract and highlight some of the more useful...

GDPR …. and Snake Oil

2nd November 2017 Author: InfoSaaS

The GDPR countdown relentlessly continues, and even the most reluctant of organisations are starting to realise that preparatory activities will be needed. For those with little or no previous experience in providing effective protection for personal data (for the moment, let’s overlook the fact that this should already have been in place under the UK Data Protection Act of 1998) many are seeking external assistance from the rapidly growing list of “GDPR Experts” (either as consultants...

Trusting Your Supply Chain?

21st October 2017 Author: InfoSaaS

This week, we've seen some concerning developments that might suggest that the global battle on cyber threats may become a regionalised affair. This focuses on multiple media reports that within the United States, federal agencies are to be prohibited from using Kaspersky Lab antivirus software, amid claims that allege Russian secret services have some form of backdoor access using the software, allowing visibility to the content within and configuration of end-user devices. A number of US...