Yes, data protection matters to you too

It's been a big week for security news. Parliamentary email hacked, UK politician logon credentials circulating for sale, a massive (paper) data breach at the NHS, another massive ransomware outbreak, Boomerang Video fined... Wait, what? Who the hell are Boomerang Video? Boomerang are a small video-game rental operation. Their website was hacked in 2014 and … Continue reading Yes, data protection matters to you too →

Over-sharing, over-confident and over here

William Brandon, CISO at the Bank of England, has noticed the risks associated with LinkedIn profiles. He’s quite correctly pointed out that telling the world what you do, which systems you look after and whom you work with is a bit of a goldmine for hackers and social engineers. In other news, RBS is the … Continue reading Over-sharing, over-confident and over here →

How does this hacking thing work, then?

If you’re not in the public eye, you’re not likely to get hacked for fun. Anonymous et al are in it for the oxygen of publicity. Most hackers are in it for the money. So to understand your risk, you need to follow the money. How can hackers monetise you? Firstly, by using you as … Continue reading How does this hacking thing work, then? →

Safe Harbor is officially dead. Now what? (Where’s your data: reprise)

A few days ago, I wrote about European Court of Justice Advocate General Yves Bot. He had decided that Facebook shouldn't have transferred data about an Austrian student to its US data centres. At the time, this was just an opinion. Now it's an official ruling by the ECJ. This is where it gets interesting. … Continue reading Safe Harbor is officially dead. Now what? (Where’s your data: reprise) →