Neil Ford, Author at IT Governance Blog

Weekly podcast: German data breach, poor passwords, Marriott, NHS Digital and Patch Tuesday

Neil Ford 10th January 2019 Podcast

This week, we discuss a high-profile German data breach, the top worst passwords of 2018, the resignation of NHS Digital’s CISO, and Microsoft’s latest patches. Hello and welcome to the first IT Governance podcast of 2019 – for Friday, 11 …

[Continue Reading...]

Weekly podcast: 2018 end-of-year roundup

Neil Ford 13th December 2018 Podcast

This week, in our last podcast of the year, we revisit some of the biggest information security stories from the past 12 months. Hello and welcome to the final IT Governance podcast of 2018. As is now traditional, I’ve installed …

[Continue Reading...]

Six months of the GDPR: it’s not too late to comply

Neil Ford 23rd November 2018 Data Protection, EU GDPR

It’s been six months since the GDPR (General Data Protection Regulation) took effect, and for many people fatigue has already set in: mention the GDPR and you’re likely to get little more than a weary shrug in response. “That didn’t …

[Continue Reading...]

GDPR: Why every organisation needs DPIAs (data protection impact assessments)

Neil Ford 23rd November 2018 Data Protection, EU GDPR

DPIAs (data protection impact assessments) are a type of risk assessment that identify the risks affecting the security of personal data, and work out their likely effects. They are a useful accountability tool: the results of a DPIA will help …

[Continue Reading...]

Weekly podcast: Amazon, TalkTalk and City of York

Neil Ford 22nd November 2018 Cyber Security

This week, we discuss Amazon’s exposure of customer names and addresses, jail sentences for two TalkTalk hackers, and a data breach affecting a City of York rubbish app. Hello and welcome to the IT Governance podcast for Friday, 23 November. …

[Continue Reading...]

TalkTalk data breach: two criminal hackers jailed

Neil Ford 22nd November 2018 Breaches and Hacks, Cyber Security

Two Tamworth men have been jailed for their part in the 2015 cyber attack on TalkTalk that saw the personal information of 156,959 customers compromised. Matthew Hanley, 23, and Conner Douglas Allsopp, 21, both of Tamworth in Staffordshire, received prison …

[Continue Reading...]

Weekly podcast: Bank of England, the OPM, Patch Tuesday and Japanese minister

Neil Ford 16th November 2018 Cyber Security, Podcast

This week, we discuss a Bank of England cyber resilience exercise, the latest cyber security news from the US Office of Personnel Management, the highlights of this month’s Patch Tuesday, and a surprising admission by a Japanese cyber security minister. …

[Continue Reading...]

GDPR automated decision-making and profiling: what are the requirements?

Neil Ford 9th November 2018 #BreachReady, EU GDPR

In addition to data subjects’ rights to be informed, of access, to rectification, to erasure, to restrict processing, to data portability and to object, the EU’s GDPR (General Data Protection Regulation) sets out requirements relating to automated individual decision-making, including …

[Continue Reading...]

Weekly podcast: HSBC, Evernote and Apache Struts

Neil Ford 8th November 2018 Cyber Security, Other Blogs, Podcast

This week, we discuss a data breach affecting HSBC’s US customers, an XSS vulnerability in Evernote and a critical RCE vulnerability in Apache Struts Hello and welcome to the IT Governance podcast for Friday, 9 November. Here are this week’s …

[Continue Reading...]

Weekly podcast: Supermicro, federal data privacy law and Morrisons

Neil Ford 25th October 2018 Other Blogs, Podcast

This week, we discuss the stalemate between Bloomberg Businessweek and Supermicro, Apple and Facebook’s call for a federal data privacy law in the US, and what the Morrisons Appeal Court ruling means for every organisation Hello and welcome to the …

[Continue Reading...]

Neil Ford Archive