Revenge plan morphs into data leak discovery
Black Hat When Europe introduced the General Data Protection Regulation (GDPR) it was supposed to be a major step forward in data safety, but sloppy implementation and a little social engineering can make it heaven for identity thieves.
In a presentation at the Black Hat security conference in Las Vegas James Pavur, a PhD student at Oxford University who usually specialises in satellite hacking, explained how he was able to game the GDPR system to get all kinds of useful information on his fiancée, including credit card and social security numbers, passwords, and even her mother's maiden name.
Pavur's research started in an unlikely place - the departure lounge of a Polish airport.
They didn't, but it sparked an idea to see what information you could get on other people and Pavur's partner agreed to act as a guinea pig for the experiment.
Firstly, companies only have a month to reply to requests and face fines of up to 4 per cent of revenues if they don't comply, so fear of failure and time are strong motivating factors.
Due to the digitization of almost every aspect of our life, a big part of every business’s operations relies on technological and digital solutions.
This global interconnected network puts many organizations and business entities at risk of losing their sensitive data or having their private information stolen, which can result in various adverse consequences.
Keep reading as we’ll demonstrate the basics of cybersecurity and go over its main facets.What Is Cybersecurity?Cybersecurity is one of the main tasks handled by your IT team.
This act is increasingly efficient, the more it extends and covers all business hardware, software, and employee devices used within the corporation.
A business must ensure that all platforms using its network are secure and, therefore, all systems, computers, and portable devices that use the network must be authorized and encrypted.
Companies and businesses are extremely vulnerable to online thefts and cyberattacks targeting their valuable data and client information.
Despite the evident necessity to embark on preparation as soon as possible, according to YouGov Survey only 29% of UK businesses have started preparing for GDPR. Almost 38% of business owners claimed that they were not conscious of GDPR particulars and over 71% were ignorant of the amount of fines they may face from the slightest noncompliance.
The deadline for compliance is May 25, 2018. So it is high time to find out what GDPR requirements are, what changes it is going to bring about and how you can get ready.
Till May 2018, the digital rights of the people lack everywhere and consumer privacy most often puts into the question because there is no regulation in effect which define the way companies can acquire and manage the consumer data.
Also, the data can be processed only for the activity that’s specified in the consent, else it’s considered as a breach of GDPR trust.
It has caused most angst among the marketers because it’s difficult to gauge.
In this manner, the event marketing still holds value, but when the data is considered as a bonus, not the primary focus.
But, in a GDPR world, it has become a tenuous task because before selling the list of prospects, the providers have to take the consent of the prospects, which is a hard nut to crack in.
The marketers can target customers with dynamic content based on their present interest.
