Outlook and Projections for 2019

Dear Readers, what developments, surprises and events will 2019 bring us? What will happen in our focus areas and what impact will these developments have on our activities? Here are my projections for 2019: Digitization: The robot is overtaken by the can opener The debate on digitisation has so far been conducted in completely absurd…

Cloud Act: Do you think you can keep your secrets?

The Neue Zürcher Zeitung (NZZ) has addressed the Cloud Act; Conclusion: American cloud providers are not an option for companies that want to keep secrets. That’s not new, but it’s important because it’s the first time our leading business paper has informed our managers and business owners about the risks involved when using American cloud…

The eleven biggest misconceptions in Cyber Security

This article was published in 2011 and updated in 2017: “There are many misconceptions in computer and information security that deceive the view on reality. But to make meaningful security decisions, it is important and key to know and truly understand the misconceptions commonly found in computer and information security. In this article, we outline…

Future Data Protection: Conclusion

Translated with www.DeepL.com/Translator What next? As shown, elementary misconceptions and inadequacies exist in the current EU data protection law. The list could be continued for a long time. One reason for this is certainly that the law was obviously drafted by the data protection lobby. This can be shown by various examples, my dearest thing…

Blockchain is not a trust machine

In October 2016 a book about Blockchain by my colleague Daniel Burgwinkel was published with a technical contribution by me on the topic “Trust and Liability”. Here is the Management Summary: Abstract: After the euphoria about the Blockchain technology follows the question of trust in this “new” technology on its feet. Technical security usually plays…

GDPR Misconception No. 7: The 72 hour Data Breach Notification

Translated with www.DeepL.com/Translator No security or communication professional understands the motivation for the 72 hour data breach notification rule (Art. 33).  The problem here is that, in practice, it is impossible to make a statement within a period of three days about the impact of the vulnerability of a system that has been exploited. This…

GDPR Misconception No. 6: Information Security can be neglected

  Translated with www.DeepL.com/Translator Are you astonished? Do you have the impression that information security is a very important topic today? Then your attitude is the same as mine. The data protection laws and above all the DS-GVO in no way reflect the importance of information security (Art. 32 has just 4 paragraphs, actually no…

GDPR Misconception No. 5: The regulator punishes the SME’s

Translated with www.DeepL.com/Translator If one reads the press reports about real or alleged data protection violations, then the discussion always moves in the direction of the “big one”, i.e. Facebook, Google and Co. One could conclude that the GDPR also has these providers in its sights, but that is far from the case. The EU…