What does it take?

I wasn't going to blog about Carphone Warehouse being fined £400k by the ICO for a breach, because boring-boring-you've-done-this-before, but then I couldn't help myself. Carphone's offence? A data breach. Resulting from poor maintenance of cyber security on an internet-facing webserver. You remember TalkTalk? They were fined £400,000 just over a year ago. For a … Continue reading What does it take?

Can’t you just pretend you’ve been hacked?

I am so tired of seeing stable doors bolted. It seems that anyone who has stewardship of sensitive data largely ignores that responsibility until they’ve been compromised, then rushes to spend fortunes proving how much better they’re going to do it in future. I’m looking at you, TalkTalk, but I’m also thinking of Equifax. After … Continue reading Can’t you just pretend you’ve been hacked?

What’s worse – poor security or poor communications?

The TalkTalk saga grinds on. It’s abundantly clear that their security was inadequate. Even their CEO admits it, although she’s determinedly clinging on to her job – presumably some poor sucker in IT will eventually carry the can. After all, that’s what happened at Target. What’s interesting is not so much that they were hacked, … Continue reading What’s worse – poor security or poor communications?