It's Thursday and that means that it is tutorial time in the “EU and Global Cybersecurity Fundamentals” course! This afternoon students will discuss the deployment of intrusion detection/prevention systems, firewalls, and threat intelligence, giving group presentations, first from the perspective of an attacker and then as a member of the organization, in a session led by Fernando ...
The 2021 Report on the SolarWinds Cyber Espionage Attack and Institutions’ Response published by the New York State Department of Financial Services (“Report”) commences with a stark warning: “The next great financial crisis could come from a cyber attack.” “The SolarWinds Attack is, to date, the most visible, widespread, and intrusive information technology (‘IT’) software supply chain attack – i.e., a ...
This is true not only in monetary terms, but information security could even be a question of life and death. In September 2020, a breaking article confirmed the inevitable - the first death caused by a ransomware attack. The alleged victim is a woman who necessitated urgent medical care and had to be re-rerouted to another hospital as a ...
“Hopefully COVID-19 will be gone at some point, but tracking technologies may stay for longer and permanently hamper the rights and freedoms of individuals” As part of my blog series on #PublicHealthANDprivacy in light of the COVID-19 pandemic, this short reflection will focus on digital surveillance. There is no doubt that data and technology have the ...
Today, Safer Internet Day, represents a good opportunity to remind organizations of the importance of embedding data protection and security into the design of processes, products and services. This consideration is, in fact, embodied in the first principle of five which I have identified as the foundation of Socially Responsible Data Protection and which are ...
On May 31st the Supreme Court of Ireland denied Facebook’s appeal to avoid referral of its recent case concerning the international transfer of personal data to the European Court of Justice. You most likely remember the case brought forth by privacy activist and lawyer Max Schrems which questions whether the methods used by technology companies, and ...
In the Council's effort to deter cyber-attacks constituting an external threat to the EU or Member States, the EU can now impose targeted restrictive measures which include asset freezes on both persons and entities and a ban on people travelling to the EU. Such restricted measures are considered necessary in light of the Common Foreign ...
On 3 October 2018 the Irish Data Protection Commission (DPC) commenced an investigation into the latest Facebook data breach examining the company's compliance with GDPR obligations concerning the implementation of technical and organisational measures to ensure the security and safeguarding of the personal data it processes. The breach was notified on 28 September 2018 and the investigation ...
Happy May 25th to everyone. Today represents the start of a new era for data protection, privacy and digital rights. https://m.youtube.com/watch?v=b-kiF3k8WTQ&feature=youtu.be
Want to know how to handle data breaches under the GDPR? Join me and Tresorit CEO and co-founder Istvan Lam on April 25th 2018 for a webinar where we will help you understand what exactly is considered a data breach under the GDPR, when you have to report an incident and to whom, who is liable for ...
Top-tier European ICT, Privacy & Cybersecurity lawyer. Professor of Privacy, Cybersecurity, and IT Contract Law at the European Centre on Privacy and Cybersecurity (ECPC) within the Maastricht University Faculty of Law. Founding Partner of ICT Legal Consulting. Lead Auditor BS ISO/IEC 27001:2013.
Read more
CONNECT