The week in security: Welcome to the era of GDP.R you ready?

Years of anticipation and preparation came to a head with the commencement of the European Union’s general data protection regulation (GDPR) privacy scheme. Yet even as the new regime kicked into gear, Australian companies were still figuring out their exposure and, by some accounts, had failed to train employees how to handle GDPR data requests.

Some vendors were highlighting the potential opportunities that GDPR provides companies to convince customers they are serious about protecting sensitive private data.

Probabilistic assessments of security simply won’t cut it anymore, according to one CSIRO data scientist who believes companies need to evaluate their privacy protections against strict mathematical methods that provide irrefutable proof of security.

GDPR Day came just days after a major Internet of Things (IoT) compromise, with the Russian VPNFilter malware said to have infected more than 500,000 routers and the US FBI moving to take control over the botnet amidst concerns of an imminent attack.

New figures suggested many people still haven’t figured out that enthusiastic claims of online love are likely to be fraud, with Australians handing over $340m to scammers last year alone.

Speaking of believing claims, Google announced it will tweak Chrome security to strip the ‘secure’ designation from HTTPS sites in September. They will, presumably, just be the new normal.

Also on the security front, chip makers released patches for new Spectre-Meltdown vulnerabilities – but they come at a cost to performance.

Tags data privacyGDPRGDPR obligations

Show Comments