WithoutFire | John Elliott's occasional thoughts on data protection

was tesco bank hacked?

I’ve read some pretty amazing articles and blogs in the last week that show quite a misunderstanding about how criminals steal money, how payments work and how the new General Data Protection Regulation would both punish Tesco Bank and simultaneously remedy all ills. Cyber security and financial crime is

Continue Reading

in memoriam requirement 1.3.3

It is rare for the DSS to get smaller, each version typically adds a few requirements based on lessons from forensic investigations of breaches of cardholder data. However, in the summary of changes from version 3.1 to version 3.2 published this week I noticed:

<br><
Continue Reading

is your employees’ privacy one of the first casualties in the battle to secure your information systems?

I’m speaking about the trade off between network security and employee privacy at the International Association of Privacy Professionals (IAPP) European Data Protection Congress in Brussels on the 2nd December.

In the face of modern cyber-threats, communication monitoring and surveillance are essential for the protection of corporate information. But

Continue Reading