Ntrepid Blog - Passages
In May 2018, the new General Data Protection Regulation (GDPR) will take effect, applying to the vast majority of organizations across the world and signaling one of the most significant changes in data protection regulation to date. The GDPR, focused on notice, consent, control, and security, will mean that websites are obligated to A) let users know what information is being collected, B) protect the user data they collect, and C) delete a user’s information at their request. We are likely to see a heightened awareness that organizations are collecting all kinds of personal data online as a result of GDPR, similar to what is now occurring under existing EU privacy rules.
Effective managed attribution, critical for successful online investigations, can be achieved by leveraging the right technologies and practicing proper OPSEC. Ntrepid provides you with both the technologies for identity protection and the training enabling your users to access online information while protecting themselves, your organization, and the mission.
In a recent webinar, I discussed my journey of discovering the lesson that avoiding a fight in the first place is also the right choice when it comes to cybersecurity. One reason is that blocking attacks has several drawbacks. If you miss, you get hit; and even if you block it, you can still get hurt from the attack anyway if your opponent is strong enough. The second possibility was literally brought home to me when my father broke his arm trying to block my mother's roundhouse kick. If Kung Fu were a game of rock-paper-scissors, shin bone beats arm bone. And if Kung Fu lessons were a set of cybersecurity practices, avoiding an attack beats trying to block every one.
As we get further into the 21st century, one of the biggest shifts in the intelligence community is toward more open-source intelligence gathering tools. The evolution of the internet and the emergence of the collaborative web has created a wealth of new information sources. Whether it's publicly available information (PAI) like Google, blogs, and web pages, or open source intelligence (OSINT) like Twitter and Facebook, valuable data is readily available to anyone who knows where to look.