Plutarch said it, so it must be true. “What is this?”, I hear you cry. “Have I stumbled upon some new age contemplative dribble when I was looking for sound advice on cyber-security?”. Well, no. Firstly, Plutarch is hardly new-age and secondly that’s all the philosophy you’re getting. This post is actually about Morrisons. There: … Continue reading What we achieve inwardly will change outer reality
Uber decided to double-down in its race to the moral bottom. Not content with spying on customers, misleading regulators, employing sex-pests and generally having a toxic corporate culture, the taxi-subsidy service tried to conceal a hack that breached the personal details of more than 57m people, including drivers as well as riders. Much is being … Continue reading Big fines aren’t the big deal
The Equifax mega-breach has now led to two UK regulators investigating the same cock-up. The ICO obviously jumped in straight away, as you'd expect, but now the FCA has turned up to the party, bottle of cheap Bulgarian red from the corner shop in sweaty hand, hoping there's still some cake left. This will be fun. … Continue reading You’re in trouble no-o-o-w…
So today we have the news that a top plastic surgery outfit has been breached by hackers. Included in the haul: before and after pictures of celebrities’ improved nether regions. Never thought I’d be able to include labiaplasty as a keyword in this blog. Hard to think of anything more intrusive by way of data … Continue reading Article 9 – it’s not just a number
Why do I bang on so much about training? If driverless cars are the future, why can't machine learning give us perfectly secure networks? Here's a quote from an interview with Steve Furber in The Register. He says it better than I can: Furber gives the example of Google's much-publicised triumph when its network, having … Continue reading Wetware beats hardware
I am so tired of seeing stable doors bolted. It seems that anyone who has stewardship of sensitive data largely ignores that responsibility until they’ve been compromised, then rushes to spend fortunes proving how much better they’re going to do it in future. I’m looking at you, TalkTalk, but I’m also thinking of Equifax. After … Continue reading Can’t you just pretend you’ve been hacked?
I’ve been re-reading the Article 29 Working Party’s report on workplace monitoring. I mean, who’d be rockstar when you can have my life? Anyway, I thought this section merited reproduction in full: 5.8 Processing operations involving disclosure of employee data to third parties It has become increasingly common for companies to transmit their employees’ data … Continue reading Yay! No more “our team” pages