Threat identification and analysis in information management

TECH: Mapping controls in data privacy/information security

The identification of threats plays a critical function for firms. Any thriving business must know existing threats in their business to develop resilience or create abilities to withstand unpredictability. This piece introduces the meaning of threat. Peter Gregory, a reknown cybersecurity expert defines threat as “an event that, if realised, would bring harm to an […]

Eight must-have features of data protection officer

TECH: Mapping controls in data privacy/information security

There have been ongoing debates about what a data protection officer must have to carry out her job appropriately. Especially in Nigeria, stakeholders are asking what a DPO possesses to be efficient in her role. In this piece, I highlight eight critical features of a DPO. Knowledge of the regulation. You can’t teach what you […]

Further discussion for consent

TECH: Mapping controls in data privacy/information security

When you go to some websites, you will find this gentle pop-up that seeks consent. Usually, it is the cookie consent or directions to read privacy notices. But most of the time, people don’t read these things because they are long and inaccessible. However, when you dig deeper into some consent forms, you would find […]

Developing a Data Privacy Strategy and Team.

TECH: Mapping controls in data privacy/information security

After a company identifies the data privacy framework that works for them, the next step is to consider the right privacy strategy. In simple terms, a privacy strategy covers the company’s approach in communicating and obtaining support for the privacy program within the organisation. Remember, to drive the privacy program is a team sport, and […]

What Nigerian NGOs and charities need to know about Nigeria Data Protection Regulation (NDPR)

TECH: Mapping controls in data privacy/information security

Most Nigerian non-governmental organisations (NGOs), charities and religious houses overlook the Nigerian Data Protection Regulation. However, NGOs that cannot endure the medicine of the regulation because it is too strong must be content with inefficiency, bungling of data and steadily violating existing local data privacy regulation. Let us put the reason into perspective. A particular […]

Nigerian employers and employee monitoring 

TECH: Mapping controls in data privacy/information security

What might seem like an ‘innocent’ act by an employer in the name of employee monitoring can be viewed as an excessive intrusion when placed under data privacy regulations lens. I relate a practical story for readers’ further comprehension.   The chief executive officer of a particular furniture shop in Lagos, Nigeria, places four cameras […]

Focus areas for IT governance

TECH: Mapping controls in data privacy/information security

In a meeting with some information security personnel, the chief executive officer (CEO) of a bicycle company in Lagos quipped that, “We only sell bicycles. Why should we be spending so much on Information Technology (IT) Governance?” With that statement, he cut the budget for IT governance and proceeded to pour more money on the […]