Amber Rudd read History, but didn’t understand it

Those who do not understand history are doomed to repeat it[1]. And here I am, watching it repeat. This is my third post on this topic. Sorry. But it's important. Amber Rudd, the UK Home Secretary, suggested on Sunday that end-to-end encryption is “unacceptable”. She trotted out the usual excuses about terrorism and the need …

In or out – the tech perspective

Bremain or Brexit? This isn’t a political blog, but it’s worth reminding ourselves of June 23rd’s implications for IT & cyber-security.

Privacy and personal data: Even if we leave the EU, we’ll still have to implement the General Data Protection Regulation, only to have to re-invent it later. If we want to trade with the …

Roll up! Roll up! It’s a security round-up!

Apologies for the infrequency of recent updates. I’ve been busy – understanding the GDPR, doing some speaking engagements and (hush!) actually working for a living. So, without further ado, here’s what’s going on right now: Theresa May is trying to push the Snoopers Charter (aka the Investigatory Powers Bill) through Parliament despite plenty of expert …

Encrypt data at rest

The Register reports this morning: American health insurer Centene Corp says it has lost 950,000 sensitive customer records stored on six hard drives. The drives hold customers' name and address, date of birth, Social Security numbers, and health information. Encrypted? Obviously not. Excuse? None.

https://www.becrypt.com/uk/encryption
http://buy.symantec.com/estore/clp/productdetails/pk/drive-encryption
http://www.deslock.com/
https://www.checkpoint.com/products/full-disk-encryption/
http://windows.microsoft.com/en-gb/windows-vista/bitlocker-drive-encryption-overview

BitLocker is even free. How hard …

Left hand, right hand, other hand – what a mess!

Still chewing through the GDPR, so that’ll have to wait. In the meantime, more evidence that the nicest word we can use to describe the current state of data protection in Europe is…disconnected. First we have the European Commission desperately trying to reach an accommodation with the US on Safe Harbour after the European Court …

Told you so: supply chain failure costs CPS £200k

I published this note about supply chain security today. Less than 8 hours later we learn that the ICO has fined the Crown Prosecution Service £200k for failing to secure some laptops that held confidential information on victims of crime. The laptops were stolen from a residential flat being used by a film production company …