Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

As global privacy requirements evolve, many information security professionals are called upon to enhance or lead information privacy programs. While this transition may seem like a natural progression, I learned five important lessons when I moved from a focus on security and audit to the field of information privacy.

Due to recent events happening worldwide, the US specifically, many people are looking for European tech companies to move away from big tech and switch to more private, secure solutions that value our data rather than profit from it. Moving away from any service can be challenging, and with companies like Google monopolizing the tech world, finding alternatives can seem almost impossible.

The Privacy Act 1988 establishes the Australian Privacy Principles (APPs) as the foundation of privacy regulation in Australia. These 13 principles guide how organizations must handle, use, and manage personal information. The APPs apply to most Australian Government agencies, private organizations earning over $3 million annually, and certain smaller businesses—collectively called APP entities. For organizations doing business in Australia, APP compliance goes beyond avoiding penalties.

By James Rees, MD, Razorthorn Security.

The cyber insurance industry continues to face challenges related to traditional cyber security risks, and more recently, data privacy risks. In many cases, traditional cyber insurance policies may cover legal fees or costs related to a data privacy infringement. Organizations not only get hit with class action lawsuits following incidents like breach of PII/PHI, but are seeing demand letters from law firms who are looking to protect their clients from any possible disclosure of their sensitive data.

Protecting individual privacy is paramount, given the proliferation of Personally Identifiable Information (PII) and other sensitive data collected by enterprises across all industries. One way to protect sensitive data is through PII masking e.g., consistently changing names or including only the last four digits of a credit card or Social Security Number.

Not all threats to your accounts and privacy happen online. They can happen right next to you. The stranger sitting next to you on the metro, coffee shop, or airport may not be some innocent stranger. Instead, they could be looking for an opportunity and the right moment to look over your shoulder and steal your passwords or personal information. Shoulder surfing attacks happen when someone watches you enter sensitive information, such as a PIN or password, into your device or account.