What are the 6 data protection principles of the GDPR?

A version of this blog was originally published 31 January 2018.  The GDPR (General Data Protection Regulation) outlines six principles that organisations must follow when collecting, processing and storing individuals’ personal data. Data controllers are responsible for complying with those principles, and they must have documented proof of how the organisation is meeting … [Read more...]

Top 5 Human Errors That Could Lead to a Data Breach

It is becoming a widely accepted fact that human error is the root cause of most data breaches. However, the problem with this statement is that it raises more questions than it answers. After all, human error is the root cause of most problems. To clarify what this means in relation to cyber security, below is the top five most cited examples of erroneous behavior that might compromise the … [Read more...]

10 steps to GDPR compliance: How prepared are you?

This blog has been updated to reflect industry changes. Originally published 16 October 2017.  It’s not too late to comply with the GDPR (General Data Protection Regulation). The Regulation might have come into effect last year, but it’s requirements need to be regularly reviewed. As such, it doesn’t matter what your compliance posture was six months or a year … [Read more...]

Businesses Not Able to Recover from Cyber-Security Incidents Quickly Enough

According to a recent poll carried out by cybersecurity firm NTT Security, 59% of respondents said that they were not confident that they could resume “business as usual” 24 hours after a cyber security incident. The poll was conducted over Twitter and attracted approximately 5,500 participants. Businesses were also asked about what their main concerns were when responding to a … [Read more...]

How IT Governance can help with your cyber security concerns

Cyber security is a complex topic, so we wouldn’t be surprised if you had questions about what your organisation should be doing. The threat of data breaches grows each year, organisations process more information than ever and the regulatory landscape is becoming a minefield to navigate.  Fortunately, IT Governance’s team of experts has the answers, and our extensive range of … [Read more...]

6 Tips to Help Remote Workers Protect Their Data

The number of people working remotely rises each year as organizations look to offer more flexibility and reach further outside of their immediate radius when looking for talent. Working remotely has many benefits and some even believe remote workers outperform office workers. However, there are some risks to data security that present themselves more often through remote workers than anywhere … [Read more...]

What is Data Privacy and How to Improve it

Data is a company’s most valuable asset. Yet, we are still seeing many enterprise organizations failing to give their data the proper protection it requires. For companies, compliance auditors and customers alike, the privacy of data is a key concern. So, what exactly is data privacy and how can you ensure that the data you store remains private? What is Data Privacy? Data Privacy (sometimes … [Read more...]

The most common causes of data breaches and how you can spot them

The longer a breach goes undetected, the more embarrassing it is for the organisation in question. But what’s a good target for identifying an incident?  According to Ponemon Institute’s 2018 Cost of a Data Breach Study, it’s 100 days. The average cost of an incident discovered within this timeframe was $5.99 million (about €5.3 million), but if it takes longer, the average rises to … [Read more...]

Why Data Security Should Start from the Inside Out (and How to Do It)

When we speak about data security to our customers, we always advise them that they need to build from the inside out, instead of from the outside in. The most important part of your organization, which for most is the data itself, is the asset that needs to be protected as a priority. When a new bank is planned and built, it isn’t designed around the floorplan or that existing … Read … [Read more...]

Are Organizations Failing When It Comes to the Principle of Least Privilege (PoLP)?

The idea of Least Privilege has been floating around for many years now, and most IT/Security teams are well versed in why it is important and what it takes to implement. However, recent data breaches suggest that simple least privilege principles are not followed by a significant proportion of organizations. If you want your data to be secure, you need to have implemented a strict least privilege … [Read more...]