Skip to content
White Label Consultancy Logo White // Privacy and Data Protection // Strategic Advice

White Label

Our Blog

The double-edged sword of AI in cybersecurity – Highlights from the ENISA AI Cybersecurity Conference’

ENISA AI Cybersecurity Conference took place on 7th June, and here are the key highlights: AI is a double-edged sword when it comes to Cyber Security as it enables better and more advanced prevention against cyberattacks but at the same time enables cyber criminals to advance their attack methods and vectors. Generative AI by Huub Janssen (Rijksinspectie Digitale Infrastructuur) Cyber

Read More »
Kevin Khoo 9th June 2023 No Comments
Puzzle
DPAs

Tips for negotiating Data Processing Agreements

As a data protection professional, you will often find yourself being part of large contractual negotiations, where you will be responsible for data processing agreement. Therefore, please find below a few tips on how to prepare for a (re-) negotiation of data processing agreements to achieve the best possible outcome of these. First of all, know the party on the

Read More »
Nicholai Pfeiffer 23rd December 2022 1 Comment
Risk

Managing Security and Privacy Risks

As cyber security risks increase and new data protection requirements surface, navigating the privacy and security landscape has become ever more onerous and demanding.Even in organisations with well-established and mature enterprise risk management programs, keeping your risk picture updated and actually having your identified risks under control have become an arms-race. Below, I will share a few risk-reducing steps that

Read More »
Nicholai Pfeiffer 21st December 2022 No Comments
Governance Program
Governance

5 tips for an effective Privacy and Security Program

Bringing your privacy and security program to life involve turning the principles and activities outlined in the framework into concrete actions and processes that can be implemented in practice within your organisation. This typically involves defining clear roles and responsibilities, establishing clear lines of communication and decision-making, and setting up systems and processes for monitoring and ultimately enforcing compliance with

Read More »
Nicholai Pfeiffer 20th December 2022 No Comments
Global
digitalrisk

The Conundrum of Handling the Challenge of Third-Party Digital Risk Management (Part 3)

SECURING THE RIGHT VENDORS IN THE CYBER SECURITY AND DATA PRIVACY DOMAINS Digitalization forcefully accelerates the adoption of platforms and devices that allow sensitive data to be shared with third parties, such as cloud service providers, data aggregators, application programming interfaces (APIs), and other technology-related intermediaries. In essence, this propagates the need to know and track vendors much more diligently,

Read More »
Philip Tavares 25th October 2022 No Comments
Governance Program
ciso

ISO/IEC 27001:2022 Updates

ISO/IEC 27001 is widely known as the de facto information security standard that specifies the requirements for establishing, implementing, maintaining, and continually improving an information security management system.   The first version of ISO/IEC 27001 was published in 2005, which evolved from the BS 7799 standard. In the final months of the second iteration published in 2013, the updated version was

Read More »
Kevin Khoo 20th October 2022 1 Comment
Data Transfers
digitalrisk

The Conundrum of Handling the Challenge of Third-Party Digital Risk Management (Part 2)

ADDRESSING THE CHALLENGE OF CONTINUALLY MITIGATING DIGITAL RISK Within the blog post series, “The Conundrum of Handling the Challenge of Third-Party Digital Risk Management”, this week we will visit the matter, “Addressing the Challenge of Continually Mitigating Digital Risk”, after addressing the different angels of the “Problem Statement” in the previous blog post within this series. Largely, we will address the

Read More »
Philip Tavares 17th October 2022 No Comments
cyberresilience

The Conundrum of Handling the Challenge of Third-Party Digital Risk Management (Part 1)

INTRODUCTION Over the coming three weeks, White Label Consultancy will publish three blog posts on the topic of third-party digital risk management, taking the customer and organization perspectives, which will emanate in a white paper that will be shared in three weeks. This week’s blog post will be about the “Problem Statement” of digital risk management, highlighting starting points and

Read More »
Philip Tavares 7th October 2022 1 Comment
Global
Privacy

Saudia Arabia Data Protection Law 

Introduction   The Kingdom of Saudia Arabia new has adopted new Personal Data Protection Law (PDPL) to regulate personal data processing and prevent personal data abuse in line with the goals of the Kingdom’s Vision 2030 to develop a digital infrastructure and support innovation to grow a digital economy. PDPL has many similarities with various national and international data protection regulatory

Read More »
Dusan Pavlovic 13th June 2022 8 Comments
GDPR

Privacy Policy – why does it matter?

Nowadays there is often a lack of understanding of why and how privacy policy is important for any organization that processes personal data.  This blog post sheds light on the notion of the privacy policy, its importance, structure, and enforcement. Hopefully, after reading this blog you will be able to understand the reasons why privacy policy should be considered as

Read More »
Dusan Pavlovic 5th May 2022 No Comments