Getting Your Proposal Accepted The call for papers for RSA Conference 2019 is open, it closes on August 1st. A friend asked me for some tips on getting a proposal accepted, and as speaking at an event like RSAC is great for self-development, and a brilliant opportunity to give back
In just about every job I've done, at some time I've been responsible for the assessment and assurance of third parties / suppliers / (data) processors. I often feel that as an information security and data protection community we do a great job when it comes to this as a compliance activity
By John •
March 18, 2018 •
At a recent meeting of the UK Merchants' PCI Working Group I mentioned that there was some soft case law in the form of ICO enforcement action which helps to answer the question of whether PCI DSS is sufficient to meet GDPR’s requirement for organisations to implement “appropriate technical
By John •
January 25, 2018 •
On January 20th (a Saturday!) I spent a few valuable hours with fellow practitioners in a privacy risk workshop kindly organised by Professor Eerke Boiten at De Montfort University in Leicester. I presented a brief overview of the way I’ve started to carry out very basic risk assessments focussed
By John •
December 11, 2017 •
Over the past 12 months, the ICO has developed a significant approach on the use of affiliate marketing and the applicability of the Privacy and Electronic Communications (EC Directive) Regulations 2003 (PECR). In November 2016 the ICO undertook a review of the use of affiliate marketing in the gaming industry