dcsimg

Summer offers to kick-start your cyber security journey. Don’t miss out! 

IT Governance is a leading global provider of IT governance, risk management and compliance solutions, with a special focus on cyber resilience, data protection, the PCI DSS (Payment Card Industry Data Security Standard), ISO 27001 and cyber security.  We are committed to helping organisations protect themselves and their customers from the perpetually evolving range of cyber threats. Our deep … [Read more...]

How to respond to a data breach

Under the EU GDPR (General Data Protection Regulation), organisations must report personal data breaches to their supervisory authority within 72 hours of discovering or becoming aware of it. You might think that’s an impossibly short deadline, but don’t fear, you’re not expected to provide a comprehensive report at this stage. The process is simply to ensure that organisations are aware of … [Read more...]

The GDPR: How to send sensitive information by email

Organisations always have to worry about the security of the information they send by email. You can never be certain who has access to your messages, and everyone has probably been guilty at least once of sending a message to the wrong person or accidentally hitting ‘reply all’.  Your misdelivered message might have only contained mundane chatter and left you feeling embarrassed. However, if your … [Read more...]

Majority of EU member states missed NIS Directive deadline

Critical service providers across Europe are in for a bumpy ride later this year, and they have their governments to thank. These organisations are subject to the NIS Directive (Directive on security of network and information systems), which each EU member state was required to transpose into national law by 9 May 2018.  However, we’re now three months past that deadline and only 11 nations have … [Read more...]

Are you #BreachReady?

It seems like we hear about yet another data breach on a daily basis, with recognised companies such as Ticketmaster and Dixons Carphone – to name but a few – suffering at the hands of criminal hackers. If you think it only happens to large organisations, think again Since the EU’s GDPR (General Data Protection Regulation) came into effect in May, the DPC (Data Protection Commissioner) has dealt … [Read more...]

Meeting ISO 27001’s staff awareness training requirements

Staff awareness training is one of the most effective ways of preventing data breaches. That’s why it’s at the front and centre of ISO 27001, the international standard that describes best practice for an ISMS (information security management system).  The Standard recognises that, although technological defences are essential, their use is limited if employees make careless mistakes. There’s … [Read more...]

Finding the right candidate to be your DPO

Complying with the EU GDPR (General Data Protection Regulation) is mostly about hard work and organisation, but there’s also a little bit of luck involved – at least when it comes to appointing a DPO (data protection officer). The position, which is mandatory for many organisations under the GDPR, has caused a massive spike in demand for data protection experts. Unless the perfect candidate falls … [Read more...]

Save time and money with our ISO 27001 special offer

ISO/IEC 27001:2013 (ISO 27001) is the international standard that describes best practice for an ISMS (information security management system). Achieving accredited certification to ISO 27001 demonstrates that your company is following information security best practice, and provides an independent, expert verification that information security is managed in line with international best practice … [Read more...]

Are you prepared for an information security breach?

Data breaches are a massive problem for all organisations. In its latest Data Breach Level Index, digital security company Gemalto found that, in 2017, more than 2.6 billion records were compromised in publicly disclosed data breaches. This is the equivalent of more than 7 million records per day, or 82 records per second.  Despite this, there’s a lot of hope for the future. The increased media … [Read more...]

Who requires a DPO?

As of 25 May 2018, the EU GDPR (General Data Protection Regulation) is the primary piece of legislation governing data protection. The requirement for Irish organisations to register their data processing activities with the DPC (Data Protection Commission), which existed under the previous regime, no longer applies. However, under the GDPR, certain organisations are required to appoint a DPO … [Read more...]