Uncovering Privacy Violations: Android Users at Risk of Surveillance
In a significant disclosure, collaborative research from KU Leuven, Radboud University, and IMDEA Networks has revealed that Android users with Instagram or Facebook apps on their phones have been subjected to extensive surveillance. Meta, the parent company of these social media giants, reportedly had the capability to monitor users’ web activities, even when accessing other […]
Enhancing Personal Data Security: The 2024 Edition Guide by CNIL
In the evolving landscape of digital privacy and protection, the CNIL’s 2024 edition of the “Practice Guide for the Security of Personal Data” stands as an essential resource for data protection professionals. It revisits and amplifies fundamental principles to guide your efforts in safeguarding personal data, while incorporating contemporary challenges and technologies like artificial intelligence, […]
Enhancing Digital Security with the European Vulnerability Database
Digital security continues to take center stage as cyber threats evolve. For data protection professionals and privacy experts, staying ahead of vulnerabilities affecting Information and Communication Technology (ICT) is imperative. The European Union Agency for Cybersecurity (ENISA) has made significant strides by launching the European Vulnerability Database (EUVD) under the directive of NIS2. This resource […]
CNIL’s 2025 Control Agenda: Spotlight on Mobile Applications and Cybersecurity
As we progress into 2025, the CNIL has outlined its focal areas for the year, zeroing in on the scrutiny of mobile applications, the cybersecurity measures of local authorities, and data processing by penitentiary administrations. This strategic focus underlines CNIL’s dedication to safeguarding personal data amid the evolving digital landscape. Mobile Applications and Data Collection […]
NIST Aligns Privacy Framework with Cybersecurity Guidelines
As data protection professionals, we are fully aware of the intertwining nature of privacy and cybersecurity risk management. The National Institute of Standards and Technology (NIST) has released a draft update to its Privacy Framework, strategically aligning it with the Cybersecurity Framework, which itself was updated in 2024. This move is designed to streamline how […]
Data Breaches of 2024: Key Lessons and Measures for Data Professionals
With 2024 marking an alarming rise in large-scale data breaches, data professionals face ongoing challenges. France’s CNIL has reported an unprecedented increase in the number of data breaches, emphasizing the need for robust cybersecurity measures. For data protection professionals and security experts, understanding and addressing these threats is crucial. Key Insights: – Escalating Breaches: In […]
Implementing Secure Practices for Cloud Services: Insights for Privacy Professionals
We can learn from the CISA and use the guidelines too to secure cloud services. While the initial rules are related to Microsoft365, Google Workspace will be covered soon. Entra (Active Directory), SharePoint, OneDrive protection measures are covered and some basic security measures as discussed in Privacy Enablers study book. The Cybersecurity and Infrastructure Security […]
Cyber Resilience Act: Enhancing Security for Connected Devices in the EU
The Cyber Resilience Act (CRA), enacted on November 20, 2024, marks a significant milestone in the European Union’s efforts to bolster cyber security for connected products. As data protection professionals, it is crucial to comprehend the implications of this comprehensive EU regulation that sets horizontal cyber security requirements for a diverse range of products—from connected […]
Advanced Strategies for Ensuring Multifactor Authentication Security
In an era where cybersecurity threats continue to evolve, the VTC (Vlaamse Toezichcommissie, the Flemish Privacy Authority) informed the DPOs of local cities and municipalities during a VTC event last friday in Brussels that the deployment of effective mechanisms such as Multifactor Authentication (MFA) is imperative for data protection professionals. This post explores key strategies […]
AI Agents and the Future of Privacy and Authentication
As artificial intelligence technology continues to evolve, AI agents are becoming integral to our daily digital interactions. However, with this advancement comes new privacy and security challenges that professionals must address. A recent report by the Center for Security and Emerging Technology (CSET) titled “Through the Chat Window and Into the Real World” delves into […]