GDPR will change how companies work with cloud providers

One of the bigger stipulations in GDPR is that third-party service providers, including companies who run the ever-ubiquitous cloud, will also be responsible for following the correct protocols when it comes to protecting EU citizen data. Yet just as companies keep throwing everything into the cloud, we are seeing errors in the way they safeguard personally identifiable data. If you have been following the work of Chris Vickery, you know how easily these errors can be found. Vickery, ‎director of cyber risk research for California-based Upguard, has been finding misconfigured cloud instances all over the internet. Just in the past year, Vickery identified these openly discoverable instances associated with a Florida credit monitoring firm, media behemoth Viacom, and even at the Department of Defense. Each finding had enough PII to keep privacy officers sleepless for weeks. While they were all based in America, Vickery recently came across a similar breach at French marketing firm Octoly, which caters […]

The post GDPR will change how companies work with cloud providers appeared first on Cyberscoop.

Continue reading GDPR will change how companies work with cloud providers

Why GDPR is flipping the thought process around data ownership

A lot of the discussion around GDPR has focused on individual privacy. Thomas Fischer says that’s not what the law is about. It’s about data protection. And the noise around that point is a big misconception. Fischer spoke with CyberScoop for our new podcast series, Decoding GDPR, in order to get the facts straight when it comes to the European law. “It’s not about protecting the individual’s privacy, it’s protecting personal data,” says Fischer, a global security advocate based in London. “The GDPR actually says that it’s there to re-appropriate the person’s data, so that the person owns it. That’s a complete mind shift. If you think about it, companies collect data and think “OK, I’m collecting this data, I own this data, this is my data.’” That mind shift is something companies will have to embrace if they want to be in tune with the law once it goes […]

The post Why GDPR is flipping the thought process around data ownership appeared first on Cyberscoop.

Continue reading Why GDPR is flipping the thought process around data ownership