In December 2020 the European Commission published a proposal to repeal the current NIS Directive (European Directive on Network and Information Systems) and to replace it with a new Directive: the so-called NIS-2 Directive. This post will give an update on the status of negotiations of NIS-2, and will outline the aspects we already know and don’t know about the upcoming Directive’s final form.
Privacy Focus Group – 18 February 2020 – DPA in favour of cooperation with CSC
19 February 2020 – Cyber Security Coalition
At a very well attended Privacy Focus group meeting, Data Protection Authority chairman David Stevens provided more insight into the DPA’s strategic plan 2020-2025 and this year’s management plan. Priorities include a focus on sectors as telecom and media, public sector, direct marketing sector, education and SMB (KMO/PME). This does not mean they are in line for more enforcement, but rather for support and help. Other points of action relate to the GDPR implementation cycle and proactive attention to societal challenges. While requesting funding to hire more people, David Stevens strongly supports cooperation with platforms such as the Cyber Security Coalition, as “we cannot do it all by ourselves.”
A GDPR compliance challenge was highlighted by Roeland Lembrechts’ “Shadow IT and GDPR” presentation (Sirius.Legal). Shadow IT includes all ‘non-ICT approved’ information technology used by employees. Uncertainties regarding GDPR compliance leave employers open to privacy infringements, as they remain ultimately liable as controller. Exceptions are very few, including the employee becoming controller through data processing on his or her own initiative, or liable because of fraud or negligence. His advice: embrace shadow IT, clear up the shadow and provide good policy, participate by buying into it, as well as monitor and manage.
On the picture: David Stevens, Chairman of the Belgian DPA
Other blog posts
Ransomware – today’s universal cyberworry – is but one aspect of a crime: cyber extortion. Orange Cyberdefense provides some insights into this scourge, based on its ‘Security Navigator 2022’-report.
The Cyber Security Coalition and top cybersecurity trainer SANS Institute joined forces to provide specially needed insights and recommendations on successful cloud security, as well as how to handle cyber security in these times of war.
It is easy to drown in the sea of dire warnings about the danger of AI, in particular to our privacy. The main point is that AI in good trust is possible, but requires solid, long term and well-structured approaches. This session of the Privacy focus group offers some crucial insights and welcome examples.
On computer security day we pay tribute to Ada Lovelace, the forgotten mother of the computer. Often described as the first computer programmer — before computers were even invented — Ada was a real visionary. Imagine what she might have achieved had Babbage actually built his “computer” and she hadn’t died at the age of 36.