DISC InfoSec blog

Data protection is challenging for many businesses because the United States does not currently have a national privacy law  —  like the EU’s GDPR  —  that explicitly outlines the means for protection. Lacking a federal referendum, several states have signed comprehensive data privacy measures into law. The California Privacy Rights Act (CPRA) will replace the state’s current […]

Earlier this year, the White House announced that it is working with the European Union on a Trans-Atlantic Data Privacy Framework. According to a White House statement, this framework will “reestablish an important legal mechanism for transfers of EU personal data to the United States. The United States has committed to implement new safeguards to ensure […]

President Joe Biden on Tuesday signed into law a $1.5 million government funding bill that includes legislation mandating critical infrastructure owners report if their organization has been hacked or made a ransomware payment. Biden signed the legislation during a White House ceremony that was attended by administration officials and top Democratic lawmakers, including including House […]

Are you planning a career as a DPO (data protection officer)? Are you planning a career as a DPO (data protection officer)? Our unique combined GDPR (General Data Protection Regulation) and DPO training course is now available in a low-cost self-paced online format. Delivered by an experienced data privacy consultant, the Certified GDPR Foundation, Practitioner […]

Google announced Privacy Sandbox on Android to limit user data sharing and prevent the use of cross-app identifiers. The company states that the Privacy Sandbox technologies are still in development. “Privacy Sandbox on Android will strengthen privacy, while providing tools app developers need to support and grow their businesses. It will introduce new solutions that […]

Almost every part of our everyday lives is closely connected to the internet – we depend on it for communication, entertainment, information, running our households, even running our cars. Not everyone in the world has access to the same features and content on the internet, though, with some governments imposing restrictions on what you can […]

Download ISO/IEC 27701 2019 Standard and Toolkit CPRA compliance gap assessment tool 

50 Key Stats About Freedom of the Internet Around the World Almost every part of our everyday lives is closely connected to the internet – we depend on it for communication, entertainment, information, running our households, even running our cars. Not everyone in the world has access to the same features and content on the […]

In late March 2021, Representative Susan DelBene (D-WA 01) introduced legislation to the 116th Congress to protect consumer privacy and put control of consumers’ data in their own hands. DelBene noted that states are surging ahead of the federal government in creating privacy laws, each with their own flavor and each serving the needs of a […]

Lesson 1: Take stock of identities and lock them down When it comes to data protection, security and compliance, organizations must keep the potential technology risk within acceptable limits, which means mobilizing efforts to identify data lakes and applications where personally identifiable information (PII) and other sensitive information is stored. Organizations should then use digital […]

Americans have become inured to the relentless collection of their personal information online. Imagine, for example, if getting your suit pressed at the dry cleaner’s automatically and permanently signed you up to have scores of inferences about you — measurements, gender, race, language, fabric preferences, credit card type — shared with retailers, cleaning product advertisers […]

Luke Irwin Looking for affordable ways to keep your data secure? Sometimes the simplest solutions are the best – and nothing beats the simplicity of a book. With books, you get expert advice at your fingertips. You can study whenever is convenient and the information is always there for you to reference. So, which books […]

OneLogin’s recent research into remote working practices shows it is proving to be fertile ground for hackers – Here’s how to stay safe How to stay secure Another key step to keep your business safe from breaches is to ensure that your employees are following security best practices. To celebrate Data Privacy Day, we’ve provided some […]

Training course outline The CCPA (California Consumer Privacy Act) is a California data protection law that came into effect on January 1, 2020. Following the passing of Prop 24, the CPRA (California Privacy Rights Act) will take effect officially on January 1, 2023 and replace the CCPA. The CPRA is widely viewed as California’s version of the EU’s […]

Court documents related to a recent gun-trafficking case in New York and obtained by Forbes revealed that the FBI may have a tool to access private Signal messages. The documents revealed that encrypted messages can be intercepted from iPhone devices when they are in “partial AFU (after first unlock)” mode. “The clues came via Seamus Hughes at […]

Source: 5 key privacy trends for 2021 As organisations become increasingly reliant on the use of personal data, the risks they face grow exponentially. We saw last year a record number of data breachesand a surge in penalties for regulatory violations, but 2021 is set to be even more perilous as the public demand for data privacy […]

One of the new features in iOS 14 is the ability to change the default email or browser app to a third-party alternative such as Chrome, Edge, or Outlook. A bug in the first public release of iOS 14, however, causes your default browser or mail app setting to reset to Mail or Safari when […]

What is ‘privacy by design’?  By Annabelle Graham   Privacy by design is a voluntary approach to projects that promotes privacy and data protection compliance, and helps you comply with the Data Protection Act 1998 (DPA). The Information Commissioner’s Office (ICO) encourages organisations to seriously consider privacy and data protection throughout a project lifecycle, including when: Building new […]

International law firms see ISO 27001 certification as competitive differentiator by Melanie Watson ISO 27001 has long been regarded as the information security standard to protect a company’s sensitive information, but more recently law firms have been viewing it as a key competitive differentiator in their field. Key selling point Shook, Hardy & Bacon achieved […]

by Ilenia Vidili In South Africa the Protection of Personal information Act (POPI) aims to regulate how companies secure the integrity and confidentiality of their data assets by taking technical and organisational measures to prevent the loss of, and damage and unauthorised access to, personal information. POPI was signed into law on 26th November 2013 […]