On 14/04/2016 EU Data Privacy had been approved the regulation which is, nowadays, mandatory. However companies have 2 years to carry out its suitability before receiving an economic penalty for not having completed it. On 04/05/2016 EU Data Privacy regulation had been published in the official bulletin of the European Union, after 20 days (25/05/2016) the new EU Data Privacy regulation became official. The General Data Protection Regulation (GDPR) have big economic penalties which will start to be real after 2 years this regulation was approved so: May 2018 Penalties of 10 millions or up to 2% of global turnover for the previous year and 20 millionsRead More →

Nowadays the payment fraud landscape is changing quite fast. Changing from classic schemes as bank cheque fraud, faked manual payment orders to organized crime with corporate as targets. Understanding fraud also occurs when dishonest acts are committed without personal gain but are intended to create a loss or risk of loss for another person or entity. This includes the intentional misrepresentation of financial condition. I created a presentation where I explain in details this topic, you can see my presentation here: Payment fraud from Ramiro CidRead More →

Currently, market has a wide range of systems, products and services focused on computer security services: Antivirus, Antispyware, Firewalls, IPS, WAF, SIEM systems, etc. All these measures are indispensable and have become a priority for any company or organization towards ensuring its assets, but social engineering plays with the advantage that you can use techniques that violate own vulnerabilities inherent in human beings and, as is well known, for this there is no patch or upgrade that provides effective protection against such attacks. People is normally “the weak link in the chain”. I created a presentation where I explain in details this topic, you canRead More →

Some of you maybe made some risk analysis in the past, and maybe some others use to do risk analysis in a regular basis. Some people use Octave, CRAMM, NIST or other risk analysis methodologies, but… Have you ever though if you have a GAP or a lack of visibility in the way you use to do your analysis? I created a presentation where I explain in details this topic, you can see my presentation here: Thinking on risk analysis from Ramiro CidRead More →

The use of unmanned aerial vehicles (drones) is increasing for both leisure and commercial purposes, so it is more and more an extended practice. The different uses are many and the list continue growing, thus some issues started to appear which need regulations and best practices to try to control the use in a correct way. I created a presentation where I explain the best practices about the use of drones in Critical Infrastructure, you can see my presentation here: Drones and their use on critical infrastructure from Ramiro CidRead More →

Nowadays, and even more in the future, Internet of Things, Big Data and Mobility will be present (they are already now) in our personal and professional life. The more these concepts grow, the more risk we are assuming about misuse of our Privacy Data, so more effort we will need to do to improve our privacy. Internet of Things definitely is a big relationship between physicalWorld and virtualWorld. In the future (already now) the extensive use of our data in this new “virtual World” causes a huge risk of misuse of our private data. Big Data is a broad term for data sets so large or complex thatRead More →