
Data protection authority releases guidance on Cloud computing

If your organisation uses Cloud services, you’ll be aware of their many benefits. But have you thought about the data protection risks? With the EU General Data Protection Regulation (GDPR) taking effect on 25 May 2018, this question is more pressing than ever.  The apparent security of the Cloud has led some organisations to store as much data in it as possible. However, the Cloud is vulnerable … [Read more...]

Danish rail network DSB hit by cyber attack

DSB, the Danish state rail operator, was hit by a distributed denial-of-service (DDoS) cyber attack on Sunday, April 13. A DDoS attack attempts to disrupt a host or network from connecting to the Internet in order to render a network or machines unavailable. It meant that passengers were unable to buy tickets on Sunday, and purchases through DSB’s ticket machines, app, website and retail stores … [Read more...]

9 steps to implementing ISO 27001

There are many reasons to adopt ISO 27001, the international standard that describes best practice for an information security management system (ISMS). It helps organisations improve their security, comply with cyber security regulations, and protect and enhance their reputation. But implementing the Standard takes a lot of time and effort. That should be obvious, at least if you believe the … [Read more...]

The GDPR: What you need to know about DPIAs

Article 35 of the EU General Data Protection Regulation (GDPR) introduces the concept of data protection impact assessments (DPIAs). DPIAs help organisations identify and minimise privacy risks in data processing activities. They are essential if you process any high-risk data, but they are also relevant when you are introducing a new data collection process, system or technology. An effective … [Read more...]

How to create a strong password

“My password was hacked”: it’s the go-to excuse for people who post something regrettable on social media. Numerous celebrities, famous athletes and politicians have attempted to negate scandals by framing themselves as victims of a cyber attack. Perhaps some of them were telling the truth, but they’re hardly absolving themselves of blame by admitting to being – or pretending to be – so bad at … [Read more...]

The importance of ISO 27001: A consultant’s perspective

ISO 27001 is the third fastest-growing management standard in the world, with certifications growing at an annual rate of 20%. It may be time to consider the Standard for your organisation. Achieving accredited certification to ISO 27001 demonstrates that your organisation is following information security best practice, and delivers an independent, expert assessment of whether your data is … [Read more...]

Why ISO 27001 is integral to data protection compliance

With the EU General Data Protection Regulation (GDPR) compliance deadline on the horizon, any organisation that processes EU residents’ personal data will likely be exploring implementation options to help tackle its compliance project, if it hasn’t already done so. Supervisory authorities such as Ireland’s Data Protection Commissioner (DPC) have highlighted ISO 27001, the international standard … [Read more...]

The GDPR and Brexit

In less than a month from now, the General Data Protection Regulation (GDPR) comes into force across the EU. It is expected that businesses and charities across Ireland have taken the necessary measures, such as preparing new policies, appointing chief information security officers, restricting IT admin rights and installing firewalls and controls over company-owned devices, to ensure compliance … [Read more...]

How to spot a phishing attack

Phishing is one of the biggest threats that individuals and organisations face, but do you know what phishing attacks are, what they look like, and where to look for them? In the broadest sense, phishing is any attempt to pose as a trustworthy source in order to get people to hand over personal information. Phishing usually takes the form of mass emails sent to hundreds or thousands of people, criminals can … [Read more...]

What is the NIS Directive?

The Directive on security of network and information systems (NIS Directive) aims to achieve a high common level of network and information systems security across the EU. The Directive applies to two groups. The first, operators of essential services (OES), includes the health, energy, water and transportation sectors. The second, digital service providers (DSPs), covers online search engines, … [Read more...]