Les applications mobiles à l’ère du RGPD : les enjeux pour notre intimité

Standard

Les applications mobiles ont investi les usages mais leur sécurité et conformité restent peu abordées alors que les menaces pour les usagers et leurs données ne cessent de croître. Les applications piratées, détournées, falsifiées défraient la chronique et sont pointées de doigt pour leurs insuffisances. Lorsque la question est portée en interne, il est trop fréquent de voir les équipes technique et/ou juridique se trouver démunies face à l’ampleur de la tâche.

Lors de cette intervention, Esther Onfroy et Rayna Stamboliyska présenteront les défis en matière de sécurité et conformité ainsi que les précautions à prendre pour y répondre. Issue de leur expérience de terrain, cette présentation abordera les aspects sécurité dès la conception, maîtrise de la chaîne de production et lutte contre les abus de données à caractère personnel par, entre autres, des pisteurs embarqués.

On se retrouve donc le mercredi 16 janvier 2019 à la 13e Université des DPO, l’événement incontournable des professionnels de la conformité à la loi Informatique et Libertés et au RGPD, à la Maison de la Chimie, à Paris.

Commuting is taking a toll on ya? Podcasts are the solution

Here is the ultimate podcast list for infosec and data protection. Enjoy!
Standard

The other day, I was participating in an after-work panel centring on the professional opportunities cybersecurity at large presents. The panel was primarily focused on drawing in women to the field as a way to diversify and enrich the talent pool although a few of us insisted on focusing on diversity, be it gender, social, etc.

Amongst the main question was: how do I get into the field? Trying to provide sound advice on that made me realise we have a handful of resources to building up new and/or additional skills within the realm. However, starting off if you are, say, a developer or a legal person may turn rather bumpy and challenging.

Rather often, we hear that technical knowledge is not required for a career in infosec when one has other competencies. IMHO, such a standpoint is highly debatable. Indeed, you do not — and cannot reasonably — learn and know and meaningfully mobilise any technical bit out there. And nobody will ever ask of you to be the absolute technical authoritative encyclopaedia. However, my position is that if you ignore the very makeup and fundamentals of the topic, you will be imprecise at best when providing consultancy services, however great your non-technical skills are.

Of course, learning new, complex, technical stuff demands time, effort, method and rigour. But it does not need to be boring or tedious. That is why I decided to put up a list of resources of my choosing. The criteria are rather basic: content needs to be diverse, engaging, accessible. I curated the below list of podcasts, in English and French. They are fun enough to get you learn things, be it help you out in a self-teaching strive, be it help you spend a more pleasant commute to work.

And naturally, should you have suggestions, let me know: contact details are over here (scroll). Thanks, and enjoy!

Podcasts in English

Podcasts in French