The aim of this Privacy Framework is to improve privacy risk management between business/mission drivers and privacy protection activities. It is intended for organizations that use data processing systems, products or services irrespective of their sector, focus or size. …
The Story of Daniel Seid, a PECB Certified ISO/IEC 27001 Master Looking back over the last decade, it’s remarkable how much PECB’s network has achieved and advanced professionally. Such advancement is not only a result of our training development and deliverables, but also of the ways by which we’ve been…
The first edition of ISO 22301 was launched in May 2012. It was the first truly internationally accepted standard on business continuity, and it consists of requirements to implement a Business Continuity Management System according to ISO Annex SL. As such, it stood in line with its prominent predecessors such…
Connectivity is one of the main pillars that are defining life in the 21st century. The level of depth that connectivity defines our routines in this century is truly astonishing. With a particular boost after the first decade of the century, we have developed not only habits, but entirely new…
A politically inclined attack or just a ‘simple’ lack of security awareness? Whatever the case, the cyber-attack that hit Marriott was huge. This was the joint second largest data breach to take place, after Yahoo in 2013 and Equifax in 2017. A cyber attacker stole personal information including names, emails,…
Melbourne has been considered “the most livable city in the world” over the past seven years, this year being dethroned by Vienna, the Austrian capital, according to the Economist Intelligence Unit‘s 2018 rankings. I am originally from Romania and before deciding to live in Melbourne, we lived in Adelaide, South…
The philosopher Santayana is famous for having once warned: “Those who cannot remember the past are condemned to repeat it.” Recent events have provided several sobering examples of just how true that is. The Apple-FBI dispute was perhaps one of the most recent, painful examples we’ve witnessed a debate the…
We are all talking about the future of jobs. But the question that we should perhaps ask, the most essential one, is: How should those jobs look like (or what should those jobs be)? With the evolution of the nature of the job market, we are facing new realities and…
The Responsible AI movement and the EU AI Act are among the major catalysts shaping the AI landscape, highlighting issues such as fairness, transparency, and accountability. Governance professionals have rapidly developed principles, frameworks, assessments, and toolkits, and yet many companies are struggling to determine their first governance steps. Perhaps the…
Since January 2025, Europe’s financial sector has been governed by the Digital Operational Resilience Act (DORA). This sweeping regulation aims to ensure that financial institutions can withstand, respond to, and recover from IT-related disruptions. Its enforcement comes at a critical time. The scale and sophistication of cyber threats have reached…
In today’s interconnected business environment, organizations face an expanding array of operational risks that threaten their ability to deliver products and services. From cyber-attacks and data breaches to supply chain disruptions and regulatory changes, the complexity and velocity of risks continue to increase. Operational resilience, the ability to adapt, respond,…
The surge of digital transformation and the explosion of cyber threats have rendered traditional perimeter-based security models obsolete. Zero Trust Architecture (ZTNA – Zero Trust Network Access) has emerged as a cornerstone of modern cybersecurity strategies. When combined with the requirements of ISO/IEC 27001:2022, it dramatically enhances governance, compliance, and…
With technology advancing faster than ever, cybersecurity is crucial for safeguarding next-generation Information and Communication Technology (ICT) solutions. Emerging technologies such as artificial intelligence (AI), 5G, and IoT are transforming the cybersecurity landscape, presenting both opportunities and challenges. AI, in particular, is a double-edged sword. On one hand, it enhances…
In the 1990s, Dr. Ann Cavoukian introduced Privacy by Design (PbD), a revolutionary framework that embeds data protection into the very fabric of technological systems and business processes. Unlike reactive approaches that address privacy concerns only after a breach occurs, PbD is inherently proactive, ensuring that privacy and security are…
AI isn’t just reshaping our tech landscape, it’s reshaping the very ground rules by which we operate. As regulations begin to emerge from the drawing boards of global policymakers, they’re bringing a new era of accountability, transparency, and, yes, opportunity. The question is no longer if AI regulations will affect…
It was 3:00 AM. My phone buzzed with yet another alert: a key service had gone down, and customers were already complaining. Within minutes, a war room was set up. Logs were scattered. Monitoring dashboards blinked red. Engineers were struggling with fragmented tools, and the root cause remained a mystery.…
When the GDPR was adopted in 2016, AI systems were far less advanced than they are today. The first Large Language Model (LLM), GPT-1, appeared in 2018, but LLMs only captured mainstream attention around 2020 with the release of GPT-3. Since the GDPR predates this rapid AI development, some of…
In today’s digital age, we are increasingly confronted with challenges brought about by digitalization, cyberspace, new technologies, and the ever-present buzzword of AI, not only in finance or technology-focused fields. Law and the legal profession are no exception. Legal practice in these sectors requires deep expertise, but also the ability…
