
Posts by Barry Scott

Barry Scott is CTO of EMEA. He is an industry veteran with over 25 years’ experience working in the Windows, Unix and Linux space, helping major organisations in almost every industry vertical. The last 9 years of Barry's career have been spent helping organisations manage their Identity Management and Auditing challenges.


Hot Topics

What’s in it for Consumers? The Top 5 Privacy Benefits of the GDPR

By Barry Scott, May 30, 2018

The General Data Protection Regulation, or GDPR for short, is a major new European privacy law that went into effect on May 25. GDPR will radically reframe our relationship with the organisations that store and process our data. From Amazon to the UK National Health Service (NHS), organisations around the world are desperately racing to ensure compliance, even after the deadline. Yet despite these efforts, just one in ten consumers have heard of the data protection regulation. That’s a shame, because this is a huge piece of legislation which will impact virtually every industry in its bid to make the…

Hot Topics

It’s Almost GDPR D-Day: So What Happens Next?

By Barry Scott, May 23, 2018

Over the past 12 months during this blog series I’ve tried to provide insight into some of the key aspects of the GDPR and how organisations can better prepare for the big compliance deadline day of 25 May. Now that day is almost upon us, the question many organisations are asking is, “what happens next?” The truth is that, despite having had years of notice, many are only now waking up to the reality of the new regulatory regime. A recent survey of RSA attendees found just 14% claimed they were fully prepared for the GDPR. So what can we…

Hot Topics

Supply Chain Risk: Time to Focus on Partners Ahead of GDPR Deadline

By Barry Scott, April 25, 2018

With the GDPR compliance deadline of May 25 almost upon us, recent events have highlighted the importance of locking down third-party risk. Attacks on supply chain partners, Facebook’s data leak scandal and a new report from the National Cyber Security Centre (NCSC) have all come at an opportune time to illustrate the potential liabilities facing firms. The GDPR will require much stricter due diligence and new contractual provisions between data controllers, processors and other third parties. Access controls in particular should be front and centre when dealing with suppliers. This is an opportunity to differentiate on improved security, so grab…

Hot Topics

GDPR and Privacy: How to Earn the Trust of Your Customers and Keep Regulators Happy

By Barry Scott, March 29, 2018

Customer data is the lifeblood of any organisation and the key to unlocking sales and growth. But the data you hold and how you use it is about to come under intense scrutiny, thanks to new European privacy rules. The EU General Data Protection Regulation (GDPR) is the biggest shake-up to the region’s laws in this area in almost a generation, introducing sweeping new rights for consumers and potentially onerous obligations for organisations. To avoid hefty fines, whilst retaining the trust of your customers and prospects, you’ll need to pay special attention to the new rules and make lasting changes…

Hot Topics

With Less Than 100 Days to Go, How to Get C-Level Buy-in for GDPR Compliance

By Barry Scott, March 5, 2018

For GDPR compliance initiatives to work effectively, there has to be buy-in from the boardroom. That doesn’t just mean releasing the necessary funds to bolster efforts ahead of 25 May, but understanding the need for long-term cultural and process changes to the organisation in the years to follow. However, with less than 100 days to go until the compliance deadline, only a quarter (26 per cent) of European firms are fully compliant, according to Forrester. So how can you drive greater awareness at senior levels of your organisation? The good news is that new Centrify research suggests that the C-level…

Hot Topics

4 Months to Go: A New Year GDPR Checklist

By Barry Scott, January 23, 2018

As we enter the New Year, IT and security leaders have most likely been glued to revelations of major new CPU-level vulnerabilities Meltdown and Spectre, described by researchers as among the “worst ever” discovered. However, there’s arguably an even more pressing concern, not just for IT but the entire organisation: GDPR compliance. There are now just over four months to get your house in order before the sweeping new EU regulation formally comes into force on 25 May. Regulators will be given the power to levy fines of up to 4% of global annual turnover or £17m, whichever is higher….

Hot Topics

Six Months and Counting: How Standards and Frameworks Can Help GDPR Compliance

By Barry Scott, December 4, 2017

The theft of highly sensitive personal information on 57 million Uber drivers and customers in the Uber data breach — and its subsequent cover-up — is in many ways what the GDPR was invented for. Here is a multi-billion dollar US tech company that reportedly protected access to key data in the cloud by using just static log-ins. Not only did its data protection controls therefore fall short of the best practice “state-of-the-art” approach outlined in the GDPR, but the firm also failed to report the incident — something which would incur a fine of €10m (£8.9m) or 2% of…

Hot Topics

Equifax Breach Shows Firms Still Aren’t Getting the Basics Right Ahead of GDPR Deadline

By Barry Scott, October 9, 2017

As each week brings the 25 May 2018 deadline for GDPR compliance closer to hand, we seem to be faced with yet another report highlighting poor levels of preparedness among organisations. Recent findings reveal that an astonishing 64% of UK firms have not yet begun preparations for the sweeping new data protection law. Yet as shocking as these stats are, a far more effective way to focus the minds of IT security and business leaders is to highlight some recent big-name data breaches and consider how the companies affected would have been treated in a post-GDPR world. For Equifax, there’s particularly…

Hot Topics

NIS Directive Compliance: It’s Just as Important as the GDPR

By Barry Scott, September 5, 2017

IT security managers have had plenty on their plate this year co-ordinating compliance efforts in advance of the forthcoming EU General Data Protection Regulation (GDPR). But while the sweeping new privacy law has dominated the headlines for the past year or more, there’s another important piece of regulation on its way from Brussels that will apply specifically to “operators of essential services” (OES). It’s known as the EU directive on the security of Networks and Information Systems (NIS). With the same huge fines of up to £17m or 4% of global annual turnover levied for non-compliance, it’s vital that you…

Centrify Perspective

Post-Brexit Data Flows: Why There’ll be No Place for UK Firms to Hide from GDPR

By Barry Scott, August 1, 2017

As with most aspects of the EU, unhindered cross-border data flows are something most U.K. firms just take for granted these days. Thanks to the cloud, huge volumes of corporate data are stored in third-party providers’ data centres, frequently not even in the UK. Aside perhaps from those in highly regulated sectors, corporate users don’t think twice about accessing that data, and sending it to and from partners and customers on the continent. However, the U.K.’s departure from the world’s biggest trading bloc raises new questions about the legality of such transfers. In a new report, the House of…