I was very pleased to host a Christmas dinner on Thursday (8th December) for 20 members of the Charities Security Forum to mark the 9th year of the Charities Security Forum.
As is our custom for CSF meetings, we had several charities attending their first meeting – and what a meeting it was!
The venue was good (Four Seasons hotel, Park Lane), the food delicious, the wine flowed, sponsors (Trend Micro, e92, Heat Software, Secon Cyber Security and Bottomline Technology) generous, and the company delightful.
So the wine flowed and the diners chatted. What were the topics under discussion?
The first was how charities secure personal information.
Like any company in the UK, charities must comply with the 8 principles of the Data Protection Act (DPA).
From 25 May 2018 the EU General Data Protection Regulation (GDPR) will affect every organisation that processes EU residents’ personally identifiable information (PII).
At first glance GDPR seems draconian, particularly the requirement to report breaches to the ICO in a much more timely fashion and the fine for non-compliance (4% of global gross income) – but only at first glance. If you are compliant with DPA you need only to improve your processes to provide more transparency and openness to the public.
And BREXIT will make no difference.
Rik Ferguson of Trend Micro took up the discussion to talk about the vulnerabilities of 2016, in particular, the rise of ransomware and the dangers of being personally targeted by social engineers who use information from sites such as LinkedIn and Facebook to find the link that will intrigue you into clicking rather than deleting the email.
Both topics developed into discussions around the table that lasted after dinner was finished and the table cleared.
Many attendees said, at the end and by email since, how much they enjoyed the evening.
If this is how the ninth year ends, the tenth year promises great things.
Brian Shorten – Chairman, Charities Security Forum