There is some confusion about the difference between personal data and sensitive personal data and even whether sensitive personal data exists as a term! So, let’s see if we can clarify the situation. Under the old 1998 version of the Data Protection Act (DPA) 1998 there was a term ‘sensitive personal data’. Under the GDPR […]
In our blog on risk management challenges for 2019, we referred to the perennial risk attached to suppliers, as third parties continue to be a major source of incidents. Linked to the Brexit issue, understanding the risks your suppliers face and the measures they are taking to mitigate those risks is vital. In this blog, […]
One trend we are seeing in the market at present is an increase in the use of JavaScript Sniffers (JS Sniffers). In short, these sniffers are a type of malicious code which is injected/placed into a website with the sole intention of stealing personal data, names, credentials etc. from customers using that website. Most recently, […]
There has been a lot said and written about the risks businesses are expected to face in 2019, but less about challenges of risk management and the process itself. Here are our thoughts on what we see as the key challenges : Legislation/regulation and the impact on your risk tolerance– In 2018, we saw a […]
So, PCI DSS v4.0 has started its development journey and is expected to be released sometime late 2020. The actual release date will largely depend on the feedback received during the development review process. So what is the development process? From 6 September to 15 November 2017 (yes 2017!!!), the PCI Security Standards Council offered […]
