If 60’s and 70’s programmers had anticipated that their code would still be in use thirty-odd years later, we wouldn’t have needed a massive effort to fix the installed codebase before the century rolled over. But they didn’t, and we did. A lot of money was spent. The world didn’t end on the 1st of … Continue reading Y2K wasn’t a rip-off; neither is GDPR
Tag: compliance
Over-sharing, over-confident and over here
William Brandon, CISO at the Bank of England, has noticed the risks associated with LinkedIn profiles. He’s quite correctly pointed out that telling the world what you do, which systems you look after and whom you work with is a bit of a goldmine for hackers and social engineers. In other news, RBS is the … Continue reading Over-sharing, over-confident and over here
Less TalkTalk, more action
So now we have our own Target. Details are still sketchy, but it looks as though millions of TalkTalk customers have been thoroughly compromised. From the sound of it, there were some pretty basic failures, including lack of encryption and retention of sensitive data in the same location as everything else. Was this predictable? Of … Continue reading Less TalkTalk, more action
It could be you
You probably won’t win £108 million on the lottery. But you will get hacked… There are times when I find it harder than usual to stay upbeat. As I’ve said before, much of what we do as IT security professionals feels like preaching Armageddon to atheists. They’re convinced it won’t happen, so they don’t really … Continue reading It could be you
Why the US bugging Merkel’s phone will cost you money
The American decision to bug Chancellor Merkel’s private mobile has several consequences. All of them will affect us – by which I mean business decision makers – sooner, and more thoroughly, than we’d like. The obvious part is that our compliance costs are about to go up. We already knew that the European General Data … Continue reading Why the US bugging Merkel’s phone will cost you money
A bigger picture 