Privacy Ref Blog

Privacy Ref and CyberDefenses Bring Privacy and Security Together

There is a saying that you can have security without privacy, but you cannot have privacy without security. While privacy and security are both concerned with the protection of information held by an organization, security provides the means to meet the business requirements identified to meet privacy demands from regulators, customers, employees, and other stakeholders.

Privacy Ref works with our clients to improve their business and operational practices for protecting personal information. Increasingly, our clients have been looking for services to supplement their security practices, tools, and expertise. CyberDefenses fills this role. Continue reading this post…

Posted on August 14, 2017 by Bob Siegel - No Comments

 


Can Consent Fall Short in GDPR?

Over the past several months, I have been taking a deeper dive into GDPR. I have found Article 6 on the legal basis for processing data particularly interesting. There is some discussion to be had for each company and how they will process data in a particular case, but I often hear that consent will be used. I have even heard arguments for consent as a catch-all for processing. This ignores the pitfalls that could come with the use of that certain legal basis. Continue reading this post…

Posted on by Ben Siegel - No Comments

 


How Privacy Ref is getting GDPR Ready

The General Data Privacy Regulations, GDPR, are less than a year away.  Businesses around the world actively participating in the markets of the European Union are scrambling to comply with the new law.  We at Privacy Ref have been looking at how to best assess an organization’s readiness for compliance with the different articles of GDPR and have found an easy to understand way to meet this challenge. Continue reading this post…

Posted on June 14, 2017 by Ben Siegel - No Comments

 


The terrible, horrible, no good, very bad phishing email

I recently received an email that I knew was a phishing email after five seconds of inspection. It wasn’t anything flashy that gave it away, just a slew of telltale signs that it wasn’t an authentic message, but some malicious correspondence meant to take advantage of a less informed individual. It can be broken down into a number of steps that show just how quickly you can identify a scam email. Continue reading this post…

Posted on June 7, 2017 by Ben Siegel - No Comments

 


Accountability

You may be interested in how Wells Fargo has been handling the fallout from their recent scandal.  The summary of the incident is that sales personnel at Wells Fargo were so pressured to meet numbers that they created fake accounts using real consumer information. The practice was rampant at the company.  After being fined just short of $200 million by the Consumer Financial Protection Bureau, Wells Fargo’s executive board was faced with new challenges, specifically holding onto their positions on the board. Continue reading this post…

Posted on May 10, 2017 by Ben Siegel - No Comments

 


Planning for Summit 2017

With the IAPP Privacy Summit less than a month away, it is time to start planning what you will be doing there.  If you are going to the Summit this year, there are a large number of sessions, speakers, and exhibitors for you to check out and learn from.  This stands alone from the thousands of attendees, all of whom have some level of privacy expertise and experience that you can learn from. Continue reading this post…

Posted on April 12, 2017 by Ben Siegel - No Comments

 


It’s just a leak

In recent weeks, leaks have been at the forefront of news.  This is mostly in a political spectrum, but it illustrates the importance of managing how information flows through an organization.  There have been examples other than those coming from the White House though. Being non-political in nature, they have different consequences and lessons to be learned. Continue reading this post…

Posted on March 23, 2017 by Ben Siegel - No Comments

 


Your Privacy Resolution

A new year usually means setting a goal to remodel that extra bedroom, cut out caffeine, or finally hit the gym for 30 minutes a day.  This year you have an even greater goal in mind, the improvement of your privacy program.  Here are some great ways to start you on your way to achieving just that. Continue reading this post…

Posted on January 17, 2017 by Ben Siegel - No Comments

 


Happy Data Privacy Day

(Note, this post first appeared in the Operational Privacy blog on CIO.com)

Data Privacy Day (DPD), held every January 28 and coordinated by the National Cyber Security Alliance (NCSA), is an international effort highlighting “Respecting Privacy, Safeguarding Data and Enabling Trust.” DPD provides an opportunity for you to reinforce these themes within your organization to improve privacy awareness. The result is that you will increase your customers’ trust in your organization while reducing costs and liabilities due to human error while handling personal information. [Disclosure: My company, Privacy Ref Inc., is a sponsor of Data Privacy Day.]

Continue reading this post…

Posted on by Bob Siegel - No Comments

 


Quick Thoughts on IoT

Recently I saw an interesting image on Twitter from @darrencauthon. The image was a television with an alleged FBI notice notifying the individual that their new smart TV had “suspicious files” and that they were being penalized $500 before they could use their TV again. All of this is accompanied by legal jargon meant to frighten the user into believing the hoax. The bottom of the note is even signed by FBI Director James Comey himself, apparently. This is your classic example of ransomware and I immediately had a thought on what may cause this issue. Continue reading this post…

Posted on January 4, 2017 by Ben Siegel - No Comments

 



