ePrivacy Directive: EU to tighten up on Data Breach Notifications

You may be aware that the EU recently put into force the updated ePrivacy Directive (2002/58/EC). As of May 2011, the use of cookies to track website visitor information is now strictly prohibited. Cookies which were previously used to track visitor behaviour and personal details may now only be used with the express permission of the visitor. Interesting website based outside of the EU, do not have to operate with the same constraints. The enforcement and technical implementation of the directive may take some time to filter through to every cookie using site on the web, and penalties for not doing so are yet to be seen.

Work continues on the ePrivacy Directive in the coming months. One InfoSec concept which the EU are looking to tighten up control of through the directive is “disclosure”. Whereas in the past, companies or organisations may have been a little shy about publicising their […]

Data Loss Prevention – Content Awareness: Human vs Computer Classification

Data Loss Prevention (DLP) is a newer area of information security and assurance which has arrived in recent years. There are a host of software products, controls and solutions which have found there way onto the market to help facilitate DLP, whether those losses be malicious or inadvertent. This market seems fledgling but is maturing as time goes on. People are just starting to understand the effects of losing data, most of which is lost by mistake. Around 77% of data loss is “inadvertent” and unintended. Basically, people make mistakes. A much lower percentage of data loss is malicious. Compliance seems to be a major driver for the implementation of the solutions and many key security players are positioning DLP as a core element of ongoing strategy. The question I have is, at this stage is are we ready to effectively apply AI(Artificial Intelligence) based systems, where the intended objective is for those […]