Tag: Privacy

Cybersecurity & Data Privacy Virtual Summit 2026 

nielharper

It was my esteemed pleasure to have participated in the Cybersecurity & Data Privacy Virtual Summit 2026 these past 4 days.

I shared the “virtual floor” in 2 sessions with Dr. Bright Gameli Mawudor and Godphey Sterling and we discussed the various elements of a successful response to a cybersecurity breach, specifically looking at the Technical Response to neutralize the threat and a Strategic Response to manage business operations, legal obligations, and reputation damage.

We also touched on several topics of critical importance to cyber capacity building in the Global South (e.g., national cybersecurity strategy, CSIRTs, critical infrastructure protection, security awareness, privacy, public sector security standards, supply chain risk management, open-source as an alternative for cost containment, security in emerging technologies, international cooperation, etc.).

Kudos to the other amazing professionals who delivered top-tier presentations and deep knowledge sharing with the captive audience: Grace Lindo, Jason Lau, Rory Ebanks, Greg Richards, Kellye-Rae Campbell, Ann Cavoukian, Karnika Seth, Rosalind Lake, and Deborah Hileman.

Special thanks to Douglas Davidson for the invitation to impart my knowledge and experience and to Andrea Chisholm Anglin for her expert hosting of the event.

The Current Debate on the UK Digital ID (“BritCard”) is Misleading – Here’s Why!

nielharper

The current negative debate about the BritCard is misleading because it largely relies on outdated assumptions about technology and centralization, ignoring the fundamental privacy safeguards that several countries have proven work effectively. The central flaw in the critical narrative is that it assumes a 21st-century digital ID is equivalent to the 1950s physical paper card or a single, insecure database. As with any technology, there are pros and cons to digital ID, but to act like it’s mass surveillance or gratuitous privacy violating is just wrong. What’s even more concerning to me is that a lot of the misinformation is being peddled by “privacy experts”.

Progressive countries like Singapore, Belgium, Austria, Estonia, Sweden, Denmark, Canada, Australia, Poland, Netherlands, UAE, and Germany all have digital ID systems. Digital ID facilitates streamlined access to services, increased efficiency, financial inclusion, reduced fraud, and enhanced security. Regarding privacy, they actually allow for contextual data sharing, which privacy experts have asked for repeatedly.

Data protection legislation and digital identity legislation have been coupled together in many countries to establish standards for security, user consent, data protection, and independent regulation. Moreover, privacy and security controls like zero knowledge protocol, unique ID verification, secure storage, data minimization, decentralized data exchange, and biometric safeguards, among others are employed to protect the privacy of individuals.

I have digital IDs for Denmark, Estonia, and Germany, and they are nothing like what these negative arguments suggest.

NOTE: The proposed central use case for the BritCard of combating illegal immigration is ill conceived and distorts the debate around the pros and cons of digital ID.

AuditBoard names 25 CISOs to watch in 2025

nielharper

In the rapidly evolving landscape of cybersecurity, innovative Chief Information Security Officers (CISOs) play a pivotal role in safeguarding organizations against AI-driven threats, ransomware attacks, and supply chain vulnerabilities. To acknowledge and applaud those leading the charge in tackling these challenges, AuditBoard has carefully chosen 25 CISOs who exemplify a dedication to enhancing cyber risk defenses and sharing their insights with the information security (infosec) community.

This curated list showcases the industry’s most resilient and forward-thinking cybersecurity experts. The 2025 selection highlights individuals who are at the forefront of navigating the ever-changing digital risk landscape, demonstrating resilience and innovation in their approach to cybersecurity leadership.

Thank you AuditBoard for your recognition alongside these amazing industry titans!

Each of these individuals has made a significant contribution to the profession, to industry, and to the organizations they work for. Massive respect goes out to each of them!

He Said Security / She Said Privacy Podcast – ISACA 2025 State of Privacy Survey Findings

nielharper

I thoroughly enjoyed tag teaming with Safia Kazi to discuss the key findings of the ISACA State of Privacy Survey with Jodi Daniels and Justin Daniels on the ‘He Said Security / She Said Privacy’ podcast.

We touched on some important topics such as:

  • How companies are handling privacy staffing shortages
  • The growing demand for technical privacy expertise and how privacy pros can adapt
  • AI’s role in transforming privacy operations and its risks
  • The impact of shrinking privacy budgets
  • How board-level buy-in impacts company-wide privacy programs
  • Why privacy by design remains a challenge for many organizations
  • Safia’s and my personal privacy tips

Check out the podcast and let us know what you think!

Security Magazine Top Cybersecurity Leaders for 2025

nielharper

I would like to express my sincere gratitude to Security Magazine for recognizing me as one of the Top Cybersecurity Leaders for 2025.

I have always been a fan of Security Magazine and their laser focus on providing information and solutions on risk management, cybersecurity, physical security & safety, and other related industry trends. So this recognition from them is particularly appreciated.

Heartiest congratulations to my good friend Jason Lau and the other awardees Anmol Agarwal, Jay Gonzales, Sandra Cavazos, and David Baker – Your commitment to digital trust and your service to the profession are mighty!

Many thanks as well go out to the amazing teams I have led at INTERPOL, Doodle, and other companies. You are the real champions!

New ISACA Research: 63 Percent of Privacy Professionals Find Their Jobs More Stressful Now Than Five Years Ago

nielharper

The ISACA State of Privacy 2025 survey report, which gathered responses from over 1,600 privacy professionals globally, revealed that 63% of these professionals find their roles more stressful than they were five years ago, with 34% reporting a significant increase in stress levels. The primary sources of stress identified in the survey were the rapid pace of technological advancements (63%), difficulties with compliance (61%), and a lack of resources (59%).

“In an increasingly complex international regulatory environment, often with lacklustre resources, it is understandable that many privacy professionals are feeling strain from their efforts to stay compliant and keep their organizations’ data safe. Addressing these challenges and getting practitioners the support they need will be vital to not only ensure a healthy privacy workforce, but also to maintain data integrity and security, and avoid potential harm to data subjects.” I made these comments via BusinessWire on the report to emphasize not only the challenges associated with implementing privacy programs, but also the importance of organizations demonstrating their commitment to data governance, data ethics, privacy rights, and overall digital trust.

With AI, the privacy landscape has changed dramatically, including the regulatory burdens for companies. Continued leadership in the boardroom, at the executive level, as well as embedding privacy principles in organizational values is integral to nurturing the trust relationship between enterprises, their customers, and society at large.

Human Resources and Cybersecurity (The Dynamic Duo)

nielharper

The human resources (HR) function has become integral to cyber risk management in recent years.

In this CYBER CONNECT podcast, my amazing colleague Jessie Lajoie (Chief of People Ops & Culture) and I discuss how we effectively model our organizational value of collaboration towards achieving the optimal security culture at Doodle.

Our ongoing cooperation spans across the areas of identity and access management (IAM), incident response, security awareness training, data governance, asset management, privacy compliance, and third-party risk management (TPRM), among others.

You can view the full session on YouTube!

AI Under Control: Protecting Your Business from Emerging AI Risks

nielharper

Earlier today, I participated in a panel discussion hosted by Baruch College (City University of New York) titled, ‘AI Under Control: Protecting Your Business from Emerging AI Risks.’

Our exchanges touched on critical challenges in evaluating AI system risks, adversarial attacks, data privacy, and bias in AI models, among other challenges. We also shared practical controls for ensuring AI fairness, governance, and security, along with risk mitigation strategies. The overall focus was on offering the attendees practical solutions to managing AI risk.

Many thanks to Professor Patrick Slattery for the invitation to participate.

Also, much appreciation to the other panelists (Dr. Yogesh Malhotra, Patricia Voight, and Benjamin Dynkin) for sharing their experiences and ideas!

The Caribbean Cybersecurity Pandemic – Building a Digital Trust Model

nielharper

Citizens and customers are increasingly losing confidence and trust in their governments and the corporations that develop and deliver online services. From AI to crypto marketplaces to the Internet of Things (IoT), personal data leaks to unethical use of data analytics to supply chain breaches, technology vendors’ and digital service providers’ repeated failures have severely damaged the trust model at the core of their relationships with their customers. There’s no doubt that digitalisation can drive human, social, and economic development. Simultaneously, surveys and research have shown a concerning decrease in trust in online platforms and associated social institutions.

Today, I presented at the Development Dialogue Seminar of the Caribbean Development Bank (CDB) on the topic of building a digital trust model. The backdrop for the discussion was what many see as the ‘Caribbean Cybersecurity Pandemic’ – The avalanche of cyberattacks that have impacted private and public sector entities across the region – and how this correlates to the decrease in trust and limited uptake by citizens of online services (e.g., e-commerce, e-government, social media, fintech, and others).

Leveraging the World Economic Forum’s Digital Trust Framework, I discussed the key goals and dimensions (e.g., security, reliability, accountability, oversight, ethical use, privacy, fairness, redressability, etc.) underpinning digital trust as well as the capabilities needed to operationalise them.

Check out my presentation and let me know your thoughts!

Navigating cybersecurity: Insights and tips from Niel Harper, Doodle’s CISO

nielharper

“As our lives become more intertwined with the digital world, the need for robust cybersecurity has never been greater. From protecting sensitive company data to safeguarding our personal information, the stakes have never been higher.

We spoke with Niel Harper, Doodle’s Chief Information Security Officer and Data Protection Officer, to better understand this ever-evolving landscape. He recently won a Senior Professional Award with ISC2, a leading non-profit organization that specializes in cybersecurity training and certifications. Earlier this year, a New York Times advertisement by Lacework also featured him as an outstanding leader in cybersecurity.

In this interview, we’ll discuss his background and role at Doodle, trends in cybersecurity, how to secure customer data, and how small-to-medium businesses (SMBs) can protect themselves in this ever-evolving landscape.”

Honored to be featured in this interview where I talk about cybersecurity trends, protecting customer data, and what businesses can do to stay safe.

Take a look and share your thoughts: https://bit.ly/47KGm2o