ENISA – the European Network and Information Security Agency – defines this concept as ‘any person having the right to have personal data rectified, erased or no longer processed.’ This essentially means that, should a member of the public want a website or company to delete his or her personal data, this request should be obliged.

The right to be forgotten, which may soon become part of EU Data Protection Regulation when member states vote in June, has caused quite a bit of controversy. From the public’s perspective, the right to be forgotten is only a good thing; growing concern regarding inaccurate or misleading information on the web has caused certain individuals to speak out about how Google searches on past failures, employment history or debt have damaged reputations today.

Despite the general consensus from the public, member states in the EU are at an impasse. Vivian Reding, the EU justice commissioner, champions the initiative, with a view to imposing serious fines on companies refusing to oblige requests to erase personal data. Yet, nine member states of the EU want to opt-out of the legislation, concerned that it’s a form of censorship that threatens online free speech. It’s worth noting the proposed legislation does not include journalistic archives, comments or articles on posts from bloggers, who are exempt under the freedom expression.

In addition to the right to be forgotten, the EU is asking for companies to notify affected individuals of personal data breaches within 24 hours. From a security perspective, any company that frequently handles consumer data should always put the customer’s interests first. Today’s “knowledge assets” are lucrative targets for cyber criminals. But determining the best course of action to protect consumer privacy is not an easy task. Transparency in how consumer data is being used and by whom is key, and implementing data governance programmes that allow businesses to monitor sensitive information is part of the solution. If customers ask for their information to be deleted from archives, then the onus is on the business to manage this process with the customer in mind.

However, it’s not just the responsibility of the business to protect customer information assets. Consumers themselves also have a role to play in ensuring their own information doesn’t fall into the wrong hands. Personal data can leak in a variety of ways. A recent survey by The Guardian asked readers on their experience of internet privacy and common complaints. These were:

·         Difficulty with erasing social media accounts and all associated data

·         Problems with Google Search function elevating outdated or incorrect results to the top of the page

·         Lack of control over pictures posted by other people

The last complaint is a common problem for people who share their passwords with loved ones. According to a recent McAfee / MSI International survey, 56% of the 1,000 respondents had shared their email details with their partner, while 50% shared other passwords such as phone PIN or social media logins. This ‘what’s mine is yours’ mentality can backfire and lead to content being posted online that wasn’t intended.

The internet is the stereotypical elephant – it never forgets. As we go about our daily lives, sending emails, writing articles online or updating social media pages, we’re leaving a digital footprint tracking our every move. While some of us may fall foul of inaccurate Google searches or dusty company archives, the best way we can protect ourselves is by controlling what we put online in the first place.

Cyber criminals are no dummies.  If it is easier to attack from the inside, why not innocuously get inside first, then launch your attack.  Intrusion prevention systems (IPS) are tuned to look for outright attacks in the network flows coming into the infrastructure.  They do not usually look for attacks originating from the inside.  Delivering a malware file, especially to an IPS that is looking for attacks and not file delivering, is not typically seen as malicious.

Delivering an unknown payload into an infrastructure is actually easier than delivering a known payload.  Why?  Most security products focus on finding things they know to be bad – looking for known patterns of malware is exactly what pattern matching is all about.  Recompiling a malicious payload after some minor adjustments often obscures the pattern, meaning the payload is unknown and passes through the defenses.

It pays to be patient.  Security products typically do not have a long attention span.  Though stateful, firewalls hardly spend more than a second making a determination about a flow before moving on to the next flow.  IPS solutions, traditionally, may spend a little more time on flows they examine, but we are still talking about seconds.  So malware that installs, but patiently waits for minutes, hours or even days will typically evade any stateful behavior monitoring by network security.

Taking these things into consideration, not only are targeted attacks becoming the choice for cyber criminals, but delivering a malicious file that can launch its nefarious activities from the inside the defenses is on the rise.  Malware fits this trend, and in fact, the overall threat trends (see the 2013 Threat Predictions, by McAfee Labs) show that malware is on the rise.  Fortunately, paying attention to the trends, McAfee Network Security Platform is poised to defend against malware in ways no other IPS can.  Stay tuned to find out more.

After the craziness of Christmas, the annual January family holiday and the hectic ‘Back to School’ spending spree, I can finally take a breath. And then get psyched up to get organised for the year.

So, as soon as my children were deposited at school, I grabbed my pen and paper and started putting together my ‘To Do’ list for 2012. And like every family’s list – it was long. It looked something like this:

1. Download my holiday photos and videos from my camera and share with family and friends
2. Clean House (least favourite task)
3. Book Dental appointments for children
4. Organise boys’ after-school activities for the year
5. Sort through children’s bedrooms – with a strong focus on under the bed!
6. Buy big whiteboard and then compile family timetable
7. Cover even more school books (really dislike this one too)
8. Plan out the year: schedule in holidays, birthday parties and events
9. Back to Work: New outfit? Shoes, maybe? (probably not), haircut
10. Make sure all devices (PC, tablets and phones), old and new, are secure

I have no doubt your lists look quite similar. Most of the above tasks are, unfortunately, unavoidable. However I wonder how many of you have also added a number 10 to your list?

With tablets and phones at the top of many children’s (and adults’) Christmas wish lists in December, many Australian families would have already loaded their personal data, contact information, photos, and entertainment files onto their new devices by now, eager to enjoy their new toys right away.

But gone are the days where we can assume that our devices are safe. Even if you aren’t a big Internet surfer or a full time Facebook user it doesn’t mean you are home free. And don’t think that free security software will protect you. It won’t. It will typically only provide you with basic protection and is almost always offered to get you to buy more comprehensive products.

When your devices are unprotected, they are vulnerable to infections by nasty viruses and spyware, or scams by sneaky hackers designed to steal your personal information. And don’t think your Mac and mobile are excluded from this. Cybercriminals are widening their nets to target a variety of devices and platforms.

So what can you do to protect your ever-growing fleet of devices? How can you protect your entire family’s personal identity and information when shopping, banking and interacting online?

In short – you need to stay one step ahead of cybercriminals by arming yourself with active, comprehensive protection for all the devices you use to access the Internet. Why not check out McAfee® All Access, which lets you protect a wide variety of Internet-enabled devices, including PCs, Macs, smartphones, tablets and netbooks, for one low price for individuals and families. To learn more, visit www.mcafee.com/au/allaccess.

And once you have crossed that item off your list, you can sit back and enjoy the peace – till 3 o’clock, anyway!