Recent Posts

The wrong solution to a major problem

The wrong solution to a major problem

Supply Chain Risk Management is the name of a big security problem in the business world. It is so important that there isn't a single security framework that doesn't include Supply Chain Risk Management in its agenda, guidance, and suggested controls. NIST has a set of resources on the topic, but it is not the only organization that is addressing this problem.

Private and secure browsing

Private and secure browsing

GDPR is supposed to let us take back control of our private data. In reality though many websites either don't allow that to happen through their selection of cookies, or constantly present to us the same requests until we accept the most invasive option. At the same time there is a known security risk related to every day broswing: browser - served malware, sometimes caused or enabled by the insane amount of 3rd party uncontrolled scripts that are served to us on the websites we visit. We need to find ways to browse securely and protecting our privacy as much as possible.

Whiners will be whiners

Whiners will be whiners

I think we have all recentrly received one (and probably more) of these wonderful mails stating "we have your data, if you want us to keep talking to you let us know". In case you were wondering, this is a side effect of GDPR; and in my opinion an excellent one. Yet many people - including some respected and high profile GDPR experts and "experts" - take the opportunity to attack the senders. But I think this is the wrong reaction.

The expectation of privacy

The expectation of privacy

Everybody has something to say about the Facebook / Cambridge Analytica case. And I am annoyed by people saying that when you give your data to Facebook, you forego some parts of your privacy (true) so you should not be surprised (false). In simple terms, it was an actual data breach. Individuals who had not consented, had their data exposed. This was not supposed to happen. There are two aspects I would focus on regarding this issue: