54% of organisations miss out on many of the benefits of ISO 22301

Business continuity is essential to any organisation’s cyber security practices, and those adopting its principles should follow the requirements of ISO 22301, the international standard that describes best practice for a business continuity management system (BCMS). The 2018 Horizon Scan Report found that 70% of respondents now use the Standard, which suggests that organisations are beginning to …

The ‘Beast from the East’ – how did your organisation fare?

With bitterly cold weather and heavy snowfall causing widespread travel chaos across Ireland, the UK and mainland Europe last week, many organisations were forced to close their doors. The Irish government issued a red alert on Thursday and Friday and urged the public to remain indoors until Friday evening, meaning many companies had to close. As this was the second red alert in 12 months that …

Are your employees aware of their PCI DSS obligations?

If your organisation collects cardholder data, you need to comply with the Payment Card Industry Data Security Standard (PCI DSS). The Standard was designed to help organisations manage card payments securely, and is regulated by major card brands (Visa, Mastercard, American Express, JCB and Discover). Failure to comply with the PCI DSS will lead to disciplinary action and reputational damage, but …

4 reasons your organisation should conduct regular penetration tests

“No one would want to steal my information.” People often say this to us, but they’re wrong. Every organisation has something worth stealing, whether it’s personal information, payment card data, medical records or intellectual property. Cyber criminals know this and usually cast a broad net with their attacks, looking to exploit any weakness. Small and medium-sized enterprises (SMEs) are …

Breach at Norway’s largest healthcare authority was a disaster waiting to happen

More details have emerged on the data breach at Norway’s largest healthcare authority, in which up to 3 million people may have had their data stolen. The attack on Helse Sør-Øst RHF (Health South-East) appears to have focused on patient records and the health service’s relationship with Norway’s armed forces. AldriMer reported that the criminal hackers were looking for information related to …

Six cyber security concerns from European cyber security professionals

The 2017 Black Hat Europe Attendee Survey reveals cyber security professionals’ concerns about the current European cyber security environment. These concerns highlight why the introduction of the Directive on Security of Network and Information Systems (NIS Directive) in May 2018 is so vital to protecting the EU’s infrastructures from security breaches. Source: The 2017 Black Hat Europe Attendee …

Business continuity: Why organisations should plan for the worst

Targeted attacks by skilled and persistent cyber criminals are now a business reality, so organisations need to have an effective business continuity plan in place to ensure their survival.

Growing concern about cyber attacks

In September 2017 the European Commission reported that 80% of European organisations suffered at least one cyber security incident and the economic impact of cyber crime has …

Finland adjusts its information security plans to prepare for compliance with the NIS Directive

On 19 December, the Finnish Ministry of Transport and Communication submitted a proposal to parliament laying out amendments to the nation’s current cyber security legislation that may be necessary in order to comply with the upcoming EU Directive on Security of Network and Information Systems (NIS Directive).

The NIS Directive – what is expected?

The NIS Directive will be transposed into law by …