When Your “John Hancock” Becomes Sensitive Data: Exploring Signatures as Biometrics Ever looked at your signature and thought, “It’s just a fancy way I write my name”? Think again. In our increasingly digital world, that casual scribble at the bottom of forms is gaining new significance, particularly in places like Jamaica, where the Jamaican Data…
-
-
Organisations have varying degrees of responsibility when it comes to processing personal data. Depending on your involvement, you may be either a data controller, processor, joint controller or sub-processor. So, which category does your business fall into? In this article, we’ll cover the responsibilities of a data controller and processor, and determine which role applies…
-
Subject Access Requests: Prepare Now for the Summer Spike Amid Data Breach Fears Recent cyber incidents involving major UK retailers and service providers have reignited public concern about how personal information is stored and used. As data breaches dominate the headlines, individuals are becoming more proactive about protecting their privacy and one of the most…
-
Will Proof-of-Age and Social Media Curfews Under the Online Safety Act Actually Work? The UK’s Online Safety Act introduces one of the most comprehensive frameworks for regulating online content to date. Among its more debated proposals are two high-impact, child-focused measures: mandatory proof-of-age verification and a potential legally enforced social media curfew for under-18s. While…
-
If you handle compliance in-house, you might have noticed increasing strains on your resources and team’s workload. Recognising when it’s time for external support is crucial if you want to avoid these pressures turning into costly mistakes. Below, we list the five telltale signs that outsourcing your DPO might be the most strategic move for…
-
Appointing a data protection officer (DPO) is only required if your organisation’s operations meet specific criteria. Without knowing this, businesses may either overlook their legal obligations or appoint a DPO when it isn’t necessary. So, what does this mean for your business? In this blog, we’ll uncover the criteria required to appoint a DPO and…
-
Understanding PCI DSS is crucial for businesses that process, store or transmit cardholder data. This guide breaks down the essentials, covering everything from compliance levels and requirements to the latest v4.0.1 changes. Keep reading to find out more about this security standard and how you can demonstrate PCI compliance. What Is PCI DSS? The Payment…
-
Data Breaches in Education: A Practical Guide for Schools to Prevent and Respond Schools handle large amounts of sensitive data every day. This includes student records, safeguarding information, payroll, and health data. Cybercriminals target this information because of its value. Data breaches in education can cause major disruption. It can lead to financial penalties, reputational…
-
Businesses of all sizes face increasing cybersecurity threats. One of the most overlooked yet critical aspects of cybersecurity is External Attack Surface Management (EASM). But what exactly is it, and why does your organisation need to take it seriously? Understanding External Attack Surface Management External Attack Surface Management refers to the continuous discovery, monitoring, and…
-
The Ultimate Guide to External Attack Surface Management (EASM) Organisations face an ever-expanding external attack surface that cybercriminals actively exploit. As businesses adopt cloud services, third-party integrations, and remote working solutions, the number of internet-facing assets grows, increasing the risk of cyber threats. External Attack Surface Management (EASM) has emerged as a critical security discipline,…
Join our community
Our mission is to make data protection easy: easy to understand and easy to do. We do that through the mantra of benchmark, improve, maintain.