Category: Information Security

To Delete Or Not To Delete — That Is The Question

There seems to be confusion in corporate America about whether or not to delete data. On one hand, there are legal departments that advise keeping everything forever, and on the other are those that recommend deleting everything as a matter of policy as soon as possible — whacking away at files and folders on your file servers like a drunk landscaper whirling a weed whacker around your yard. Meanwhile, IT is stuck in the middle trying to develop and engineer systems to enforce ever-changing data retention policies.

NIS – another EU Directive to follow: it’s an attempt to provide a more secure IT platform for everyone

While you are all (I hope) thinking about GDPR, just a brief heads-up on another EU initiative that will also still be important post-Brexit. The NIS Directive is the first piece of EU-wide legislation on cybersecurity. It provides legal measures to boost the overall level of cybersecurity in the EU. The NIS Directive has nothing to do with GDPR directly, but there are some similarities between the two, and GDPR compliance may help you with NIS compliance. It comes in on the 9th May, 2018, before the UK leaves the EU, but the UK is committed to following it post-Brexit.

Security

The First 100 Days of the New CISO

There is some form of management reality beyond the “100 days” journalistic cliché: How does an incoming executive make an impact in a new role? What are the real timeframes to look at, and what can be expected and over what horizon? What are the key issues that should raise a red flag during the first few months in a new senior position, and which ones can be ignored?