Upcoming ISO 27001 and GDPR webinars. Register today!

ISO 27001: Assessing compliance: the ISO 27001 ISMS internal audit

28 September 2018, 2:00–3:15 pm (GMT)

Testing and assessing your information security measures is essential to ascertain whether the controls you have implemented are working effectively. Compliance with the international information security standard ISO 27001 requires continual monitoring and regular reviews of your ISMS …

Why your organisation should consider outsourcing its DPO

Since the EU’s GDPR (General Data Protection Regulation) came into effect in May 2018, demand for DPOs (data protection officers) has increased. The Regulation stipulates that certain organisations must appoint a DPO to support their GDPR compliance. DPOs also have an essential role as intermediaries between relevant stakeholders, such as supervisory authorities, data subjects, and business units …

Did British Airways Violate the GDPR?

Companies around the world have been anxiously waiting to see who will be made an example of under the new GDPR. Under the GDPR, entities that violate the Regulation are on the hook for stringent fines and civil lawsuits. …

43% of people plan to remove their personal data from social media

If you look someone up on Facebook or LinkedIn, you’ll be able to gather huge amounts of information about them without them ever knowing. Until recently, nobody seemed to think about the risks involved; it was just the way things were, and if you didn’t get on board, you were left out from a whole virtual world. But thanks to the recent Facebook data scandal and the introduction of the EU GDPR …

Consent is not enough (part 2): GDPR recordkeeping, reporting and notification requirements

Last month, in my article titled Think you’re GDPR compliant? Think again, I wrote about how consent can be key to proving that your organization’s collection, storage, and processing of personal data of individuals is lawful under the GDPR. Then earlier this month, in part one of the “Consent is not enough” series, I discussed […]

Penetration testing and the EU GDPR

Data breaches are on the rise and affecting Irish organisations, most recently Eir and Cork City Council’s Park by Phone service. Criminal hackers are gaining access to organisations’ networks using a variety of techniques, so ensuring your network is secure should be high on your agenda. Penetration testing is an effective method of determining the security of your networks and web applications, …

Benefits of ISO 27001 Certification

IT Governance led the world’s first ISO 27001 certification project and we’ve been at the forefront of the cyber security initiative ever since. Certification to ISO/IEC 27001 demonstrates to existing and potential customers that you have taken the necessary steps to protect your business, and is proof of effective internal security practices, giving you a competitive edge. Other ways in which …

Free webinar: First steps to GDPR compliance

The GDPR (General Data Protection Regulation) has significantly reshaped the data protection landscape for organisations worldwide that collect and process EU residents’ personal data. The Regulation imposes fines of up to 4% of annual global turnover or €20 million (whichever is greater) for non-compliance. Data breaches are on the rise and affecting Irish organisations such as Eir, which …

Cork City Council, Park by Phone service breached

More than 5,000 people have been affected by a data breach of Cork City Council’s Park by Phone service. Although the reported breach occurred last Thursday and the relevant authorities were notified on Friday, it has come to light that the breach first occurred in May. Personal details such as car registration numbers, email addresses and mobile phone numbers have been compromised, but no …

Breaking Down the GDPR’s Data Protection Principles, Part 4: Integrity, Confidentiality, and Accountability

It’s been months since the EU’s landmark data protection regulation, the General Data Protection Regulation (GDPR), went into full effect. This means that companies around the world now have to be more careful about the way they handle personal data collected about residents of the EU to ensure the safety and privacy of this information. If they don’t, they could be subject to massive fines …