GDPR #infosec question. If, during internal audit, you discover a sensitive data folder has weak permissions so any employee could have accessed its contents, would you give the ICO an initial heads up or wait until after full investigation was possible?
Would it change your approach if it was a holiday weekend? If you investigate now it's 3-4x the cost. If you wait it's >72 hours before you even start. Even if you start now, you might not have a good answer in 72 hours.
Just to be clear, this is not a subtweet. It's on the back of an ongoing discussion around policy documents. I'm not hinting there has been a breach!
You can follow @tazwake.