dcsimg

The GDPR: How to send sensitive information by email

Organisations always have to worry about the security of the information they send by email. You can never be certain who has access to your messages, and everyone has probably been guilty at least once of sending a message to the wrong person or accidentally hitting ‘reply all’.  Your misdelivered message might have only contained mundane chatter and left you feeling embarrassed. However, if your … [Read more...]

Majority of EU member states missed NIS Directive deadline

Critical service providers across Europe are in for a bumpy ride later this year, and they have their governments to thank. These organisations are subject to the NIS Directive (Directive on security of network and information systems), which each EU member state was required to transpose into national law by 9 May 2018.  However, we’re now three months past that deadline and only 11 nations have … [Read more...]

Meeting ISO 27001’s staff awareness training requirements

Staff awareness training is one of the most effective ways of preventing data breaches. That’s why it’s at the front and centre of ISO 27001, the international standard that describes best practice for an ISMS (information security management system).  The Standard recognises that, although technological defences are essential, their use is limited if employees make careless mistakes. There’s … [Read more...]

The top cyber security trends of 2018 so far

There have been more than 600 data breaches this year, so people who want to pick out the most serious incidents have plenty to choose from. It’s not simply a case of finding the breaches involving the highest number of stolen records, because a breach compromising names and email addresses isn’t the same as a breach compromising payment card information. Besides, infrastructural damage and … [Read more...]

Are you prepared for an information security breach?

Data breaches are a massive problem for all organisations. In its latest Data Breach Level Index, digital security company Gemalto found that, in 2017, more than 2.6 billion records were compromised in publicly disclosed data breaches. This is the equivalent of more than 7 million records per day, or 82 records per second.  Despite this, there’s a lot of hope for the future. The increased media … [Read more...]

IT Governance offers GDPR training courses across Europe

With the EU GDPR (General Data Protection Regulation) now in effect and organisations desperate for experts, IT Governance is pleased to announce that it will be running 91 GDPR training courses across Europe over the next year.  Whether you’re interested in our Foundation or Practitioner training course, we hope we’re able to bring our expertise to a location near you.  Certified EU GDPR … [Read more...]

How ISO 27001 can help protect your organisation

There’s a reason ISO 27001 is the go-to standard for information security. It details best practices for staying secure, covering the way you manage people, processes and technology. Certifying to ISO 27001 demonstrates that your organisation’s practices are up to scratch, and although it obviously doesn’t eradicate the risk of data breaches, it goes a long way to keeping you secure. If you do … [Read more...]

What makes ISO 27001 the go-to standard for information security?

ISO 27001 is one of the fastest-growing management standards in the world. with the number of awarded certifications increasing by 20% in consecutive years. In 2016 (the last available figures), 33,290 certifications were issued worldwide, and 27,536 certifications were awarded the year before.  ISO 27001 is clearly very popular, but what makes it the standard for information … [Read more...]

52% of web applications contain high-severity vulnerabilities

A new study has highlighted the poor state of web application security. Positive Technologies tested various web applications, and found that every single one contained vulnerabilities, with 52% containing high-severity weaknesses.  The Web Application Vulnerabilities report also found that:  48% of tested applications are vulnerable to unauthorised access;  44% of applications placed personal … [Read more...]

The future for CISOs following the introduction of the GDPR and NIS Directive

The responsibilities of the CISO (chief information security officer) have remained consistent over the years, but big changes in the cyber security landscape in 2018 could spark an evolution of the role.  Largely led by the introduction of the EU GDPR (General Data Protection Regulation) and the NIS Directive (Directive on security of network and information systems), organisations are shifting … [Read more...]