Do you want to actually improve your level of Cybersecurity?
What will you do differently today or in the next few months better than last year?
As in past post the GDPR has laid out new regulations
that affect an entity that has data of an EU resident with impact on any of the following:
- Private and family life, home and communications data
- Physical and mental integrity
- Personal data
- Freedom to work and choose occupation
- Freedom of thought , conscience and religion
- Freedom of expression
The key in this graph is to be near the Green shaded squares, and not the bright red squares. I.e. having a high probability with a critical impact is bad and requires focus. Whereas an unlikely probability is negligible impact then this is not so important to focus on.
The problem is to find the Critical impact and high probability events in a manner that are easy to see as well.
In the computer world we have focused almost exclusively on personal data (PII – Personal Identifiable Identity).
But there are more difficult to identify privacy concerns such as:
What does it mean to protect freedom of expression?
So if someone has a political cause that they follow, like Greenpeace. If for some reason another non-profit has an interest in getting new donations. Here is a google search that had a “People also search for” area:
So keeping even a log of searches or other information might lessen some freedom.
Freedom to choose an occupation?
How can lack of privacy screw up your freedom to choose an occupation? Besides the pictures on Facebook about your late night parties. What if you say one thing on Facebook, and yet another in interview?
Freedom of thought?
The freedom of thought may be happening already, but that may be “good”. If you are a criminal and try to add illegal items for sale, that may not be possible due to the filters. Although your freedom was curtailed, the overall good of less illegal acts on the Internet may be desirable. Other curtailing of freedom of thought as in my politics is better than yours is quite more complicated to curtail or even attempt to make fair, as it is in the eye of beholder. So politics may not be able to be policed. This subject will depend on the country it is in, as USA has a unique constitution as in freedom of press and speech.
Private and home communications?
Here the nirvana of the advertiser means to learn how you use ‘stuff’ so that they can modify and make you buy their ‘stuff’ instead. So how much of private information should be ‘clouded’? Too bad there are no smoke generators, where one can create a bunch of junk signals that makes the advertiser just confused.
So you can see that Cyber is about People and information, as an interesting Youtube Blackhat keynote said (presented by The Grugq) : Cyber is a new dimension in conflict which is still not fully theorized or conceptualized. Not that it is stopping anybody.
So we have to start focusing on privacy data protection in many new ways (and use the GDPR as a start – only because one can see into the initial bureaucracy mind of regulations of privacy).
Contact us to get a start on the new privacy regulations to come.