My blog posts
The Proposal for a Regulation on Cybersecurity Requirements, recently published by the European Commission, significantly raises the profile of... >>
A few weeks ago I was invited to contribute to Team Cymru’s Future of Cyber Risk podcast. As I hope is apparent from the resulting recording, it was... >>
The latest draft part of the ICOs guidance on data protection technologies covers Privacy Enhancing Technologies (PETs). This is a useful return to a... >>
My role is to keep Jisc, its members and customers informed about the legal, policy and security issues around networks, networked services and data.
Over the past twenty years there have been many new laws relevant to Jisc’s services, from the Regulation of Investigatory Powers Act to the General Data Protection Regulation (GDPR). As Jisc innovates in its use of technology and data, we also need to lead understanding of how laws can guide the development of those activities.
Our experience of how technology works in large-scale practice also lets us contribute to the development of new laws - for example on defamation, criminal content and data protection - to make them more effective in protecting people, data and systems.
Previously I ran the JANET-CERT and EuroCERT incident response teams.
Preparing for the GDPR
University Business, December 2016