Articles and publications

The Value of Information

This year, the R&L AG in Landshut (D) celebrates its twentieth anniversary. I was asked wether I could contribute an article: “The value of information”, which I was very happy to do (article in German and English). To the article

Outlook and Projections for 2019

Dear Readers, what developments, surprises and events will 2019 bring us? What will happen in our focus areas and what impact will these developments have on our activities? Here are my projections for 2019: Digitization: The robot is overtaken by the can opener The debate on digitisation has so far been conducted in completely absurd spheres. Robots, self-propelled cars and autonomous drones were used to swagger, office jobs and lawyers

Cloud Act: Do you think you can keep your secrets?

The Neue Zürcher Zeitung (NZZ) has addressed the Cloud Act; Conclusion: American cloud providers are not an option for companies that want to keep secrets. That’s not new, but it’s important because it’s the first time our leading business paper has informed our managers and business owners about the risks involved when using American cloud providers without additional security measures.. The recipe, however, is ineffective and diplomacy will not do

The eleven biggest misconceptions in Cyber Security

This article was published in 2011 and updated in 2017: “There are many misconceptions in computer and information security that deceive the view on reality. But to make meaningful security decisions, it is important and key to know and truly understand the misconceptions commonly found in computer and information security. In this article, we outline and discuss the misconceptions we think are most common and influential. We divide the misconceptions

Future Data Protection: Conclusion

Translated with www.DeepL.com/Translator What next? As shown, elementary misconceptions and inadequacies exist in the current EU data protection law. The list could be continued for a long time. One reason for this is certainly that the law was obviously drafted by the data protection lobby. This can be shown by various examples, my dearest thing is the liability of the data protection officer: this is not regulated in the law:

Blockchain is not a trust machine

In October 2016 a book about Blockchain by my colleague Daniel Burgwinkel was published with a technical contribution by me on the topic “Trust and Liability”. Here is the Management Summary: Abstract: After the euphoria about the Blockchain technology follows the question of trust in this “new” technology on its feet. Technical security usually plays the smallest role. Rather, the question arises: What must be done to ensure that potential

The 10 major GDPR misconceptions

Die DS-GVO ist ein Gesetzesmonster welches bereits bei der Publikation hoffnungslos veraltet war. Was sind die wichtigsten Fehlüberlegungen der DS-GVO und der klassischen Datenschutzansätze? Diese Artikelserie geht darauf ein.

GDPR Misconception No. 7: The 72 hour Data Breach Notification

Translated with www.DeepL.com/Translator No security or communication professional understands the motivation for the 72 hour data breach notification rule (Art. 33).  The problem here is that, in practice, it is impossible to make a statement within a period of three days about the impact of the vulnerability of a system that has been exploited. This can be compared to an aircraft accident: We must inform them as quickly as possible

GDPR Misconception No. 6: Information Security can be neglected

  Translated with www.DeepL.com/Translator Are you astonished? Do you have the impression that information security is a very important topic today? Then your attitude is the same as mine. The data protection laws and above all the DS-GVO in no way reflect the importance of information security (Art. 32 has just 4 paragraphs, actually no more than a side note). Nothing has been done here and not even the old

GDPR Misconception No. 5: The regulator punishes the SME’s

Translated with www.DeepL.com/Translator If one reads the press reports about real or alleged data protection violations, then the discussion always moves in the direction of the “big one”, i.e. Facebook, Google and Co. One could conclude that the GDPR also has these providers in its sights, but that is far from the case. The EU legislator apparently didn’t seem to care whether the data protection law was applied to the

© 2021 Cybertrust Services . Powered by WordPress. Theme by Viva Themes.