Gary Palgon
Vice President, Product Management
nuBridges
The ISSA-UK Chapter meeting was held last Thursday evening at the London offices of KPMG and attended by about 60 information security professionals. There were three speakers covering an update from the Information Commissioner Office, the legal aspects of data security and how to reduce the scope of PCI DSS compliance using tokenization - the last one given by yours truly.
The topic was well received and much discussion with the group covered how tokenization applies to other data beyond credit card information and the industries that are a great fit for it – including health care, state and local government (e.g. law enforcement), hospitality, etc.
What was interesting about the other two talks is that the Information Commissioner’s Office noted that they have lots of laws and procedures to protect data but a limited ability to fine organizations for non-compliance, while the solicitor (lawyer for you and me) covered the power of both civil and criminal prosecution for breach of the very same laws. The recommendation from both was to protect the data though!
I’m on vacation next week, spending my 13th year as a counselor to kids with cancer at Camp Sunshine. Have a great week and go protect your data!
Gary
