I never thought I’d ever mention Kim Kardashian in a blog post but, surprisingly, I find myself doing so in the context of a privacy breach. The “human element” in privacy violations – whether by error or omission in conduct or a willful or deliberate act – plagues organizations subject to breach notification requirements. Leaving aside […]

A “tipping point” is the culmination of small events that cause a significant change. Malcolm Gladwell tells us it comes from the world of epidemiology: that point in time in an epidemic where a virus reaches critical mass. Have we now seen the tipping point where business takes cybersecurity far more seriously than ever before?

Privacy has become less valued by society than in previous eras. Whether it’s security, convenience or the seemingly inevitable march of technology, we talk of “managing” privacy; of the balancing of business needs with individual interests; of data being the new currency; of generational change in attitudes; all ultimately leading one down the road of […]

Surprisingly, ask people what “privacy metrics” mean to them and you’ll often get very different answers.

Dealing with breaches is like treating the symptoms: organizations really need to address the underlying problems. To that end, I would suggest that anyone considering how best to prevent breach management really think in terms of “incident management”. What’s the difference between incidents and breaches? A lot and a thorough understanding the former may help minimize the latter.