data protection

Data Security and Privacy in the Era of Floating Homes

/ bugejajoseph / Leave a comment
Image source: https://reinaboats.com/reinaboats/reina-mini-t24

Slightly over a year ago, I mentioned Ocean Builders’ innovative living pods and how they are using smart home technologies in their vessels. Now, a new contender, Reina, takes the stage. Reina’s flagship yacht home model, the luxurious Reina Live L44DR, showcases not only lavishness but enhanced comfort and convenience also by incorporating smart home functionalities (smart TV, smart speakers, etc.).

The transition from a fixed abode to a mobile dwelling incites inquiry. Can a floating home offer a higher degree of security and privacy compared to its stationary counterpart? Do the potential challenges of connectivity experienced within the realm of floating homes share similarities with those encountered in the context of connected cars and trucks? Beyond concerns about location privacy, the intricate facets of this discourse warrant scholarly exploration, as the enduring appeal of these aquatic residences persists. This theme was also briefly addressed in one of the recent conferences at which I presented.

EU Data Initiatives: Developments to Watch in 2024 and Beyond

/ bugejajoseph / Leave a comment

The European Union (EU) has been at the forefront of global efforts to protect privacy and personal data. Over the years, the EU has implemented several initiatives and regulations that aim to safeguard the privacy rights of its citizens. The International Association of Privacy Professionals (IAPP) has created a timeline of key dates for these EU regulations and initiatives, including those that are yet to be finalized.

Photo by freestocks.org on Pexels.com

Here are the key dates to watch out for the year 2024 and beyond:

  • February 17, 2024: The Digital Services Act (DSA), which aims to establish clear rules for online platforms and strengthen online consumer protection, will become applicable
  • Spring 2024: The AI Act is expected to be adopted
  • Mid-2024: The Data Act is expected to enter into force
  • October 18, 2024: The NIS2 directive will become applicable
  • January 17, 2025: The DORA regulation will become applicable

In conclusion, the EU’s data initiatives are set to undergo significant changes in the coming years with the implementation of regulations like the DSA, AI Act, Data Act, NIS2 directive, and DORA regulation. These initiatives aim to establish clear rules for online platforms, strengthen online consumer protection, facilitate data sharing, and more. It is crucial for organizations, including individuals, to stay up-to-date with these key dates to ensure compliance with the new regulations and to take advantage of the opportunities they present.

For a more detailed overview of the EU’s data initiatives and their key dates, check out the infographic created by the IAPP here.

Securing the University: My Information Security Awareness Session

/ bugejajoseph / Leave a comment
Photo by ThisIsEngineering on Pexels.com

As technology continues to advance, so do the risks and threats associated with it. To protect ourselves and our institutions, it is crucial to remain informed and updated with the latest security trends and best practices. This was the main focus of my recent 45-minute security awareness session with the university technical staff.

In addition to discussing fundamental security measures, I also covered the latest threat actors and threats in the cyber security landscape affecting universities and public institutions. This included state-sponsored actors, cybercriminals, hacker-for-hire groups, and hacktivists. I emphasized the potential consequences of a cyber attack, which can be severe and damaging, such as financial losses, reputational harm, and legal liability.

One alarming statistic I shared was that according to estimates from Statista’s Cybersecurity Outlook, the global cost of cybercrime is expected to surge in the next five years, rising from $8.44 trillion in 2022 to $23.84 trillion by 2027. This underscores the importance of taking proactive steps to mitigate potential risks.

While technical measures are essential, we also discussed the human element of security, including social engineering tactics like phishing emails or pretexting phone calls. Information security starts and ends with all of us, and it is crucial that everyone takes responsibility for protecting sensitive information and assets.

Here is a redacted version of the presentation. Additionally, I recently co-authored an article titled “Human Factors for Cybersecurity Awareness in a Remote Work Environment”, which delves into relevant and relatable cyber security aspects for remote employees.”