Accelerate your compliance project with our free ISO 27001 bundle trial

The growing risk of data breaches coupled with the GDPR’s (General Data Protection Regulation) strict regulatory requirements has led many organisations to look for proven, affordable ways to achieve robust cyber security.  For many, the solution has come in the form of ISO 27001, the international standard for information security.  The most recent … [Read more...]

‘We need bigger cyber security budgets’, organisations say in new survey

Organisations need to invest more money into cyber security defences if they are to fight back against the growing threat of data breaches, an Ernst & Young survey has found.  According to the professional services firm’s Global Information Security Survey 2018–19, 87% of respondents said they don’t have the budget to deal with … [Read more...]

What are the 6 data protection principles of the GDPR?

A version of this blog was originally published 31 January 2018.  The GDPR (General Data Protection Regulation) outlines six principles that organisations must follow when collecting, processing and storing individuals’ personal data. Data controllers are responsible for complying with those principles, and they must have documented proof of how the organisation is meeting … [Read more...]

10 steps to GDPR compliance: How prepared are you?

This blog has been updated to reflect industry changes. Originally published 16 October 2017.  It’s not too late to comply with the GDPR (General Data Protection Regulation). The Regulation might have come into effect last year, but its requirements need to be regularly reviewed. As such, it doesn’t matter what your compliance posture was six months or a year … [Read more...]

Are you aware of your organisation’s cyber security vulnerabilities?

With 557 reported data breaches in 2018, it’s safe to say that cyber security should be a top priority for all organisations.  Most organisations are already well aware of this threat and are pouring money into their security budgets. Gartner estimates that worldwide cyber defence spending could hit $114 billion (about €102 billion) in 2019, as organisations … [Read more...]

How the GDPR affects cookie policies

Updated to reflect developments since the GDPR took effect. Originally published on 15 September 2017.  Cookies are mentioned only once in the GDPR (General Data Protection Regulation), but the repercussions are significant for any organisation that uses them to track users’ browsing activity.  Recital 30 of the GDPR states:  “Natural persons may be associated with … [Read more...]

A 5-step guide to reporting data breaches under the GDPR

In case you didn’t already know, the GDPR (General Data Protection Regulation) requires Irish organisations to report data breaches to the DPC (Data Protection Commission) within 72 hours of becoming aware of them.  This doesn’t only refer to cyber criminals breaking into your system. It applies to any kind of data breach – i.e. any time the confidentiality, integrity or … [Read more...]

5 things you should do to improve your organisation’s staff awareness

Organisations and employees often think of staff awareness training as a hassle. Work grinds to a halt as you’re hauled off to a meeting room and lectured about stuff that probably doesn’t even affect you.  Except that it does. Human error was the primary cause of 46% of data breaches last year, according to Verizon’s 2018 Data Breach Investigations … [Read more...]

The 6 most common ways data breaches occur

The first step towards cyber security is identifying how data breaches occur and the level of risk each one poses.  To help organisations do this, Verizon conducted a year-long investigation into the leading causes of data breaches, publishing its findings in its 2018 Data Breach Investigations Report.  In this blog, we break down … [Read more...]

What is an ISMS and why does your organisation need one?

Those getting started in the information security industry might be wondering why experts are telling them to implement an ISMS. We’re here to explain.  An ISMS (information security management system) is essential for any organisation that’s serious about security. It’s a centrally managed framework that enables you to manage, monitor, review and improve your … [Read more...]