dcsimg

6 must-have information security policies

Information security policies are an often-overlooked part of an organisation’s defence measures. An effective policy informs the way employees handle cyber security threats, ensures that they use defence technologies properly and indicates board-level support for cyber security.  In this blog, we outline six essential information … [Read more...]

What is an information security policy?

An information security policy is a set of instructions that an organisation gives its staff to help them prevent data breaches. Employees are involved in many of the most common causes of security incidents, whether directly (such as accidental breaches) or indirectly (such as phishing scams), so thorough guidelines are essential. How do you create information security policies? Your … [Read more...]

Further your career with certified ISO 27001 training

At IT Governance Europe, we believe that an ISO 27001 qualification is something that every cyber security professional should have. As such, we’ve made our ISO 27001 courses available in classrooms, online and in-house. These courses have been designed to teach attendees the skills required to plan, implement, maintain and audit a best-practice information security management system (ISMS) in … [Read more...]

Securing 2019 with ISO 27001

2018 was a mixed bag for information security. According to the Identity Theft Resource Center’s 2018 End-of-Year Data Breach Report, there were fewer recorded data breaches compared to 2017, but there was a 126% increase in the number of breached records. As you might expect, the business sector suffered both the most data breaches (571 of 1,244 total) and the highest number of breached … [Read more...]

GDPR-compliant organisations reaping the benefits, study finds

Organisations that meet the requirements of the GDPR (General Data Protection Regulation) experience a wide variety of benefits, according to a new Cisco report. The 2019 Data Privacy Benchmark Study demonstrates that GDPR compliance makes organisations less susceptible to data breaches, as you’d expect, but it also streamlines business processes and helps win … [Read more...]

The 4 stages of cyber resilience

The cyber threat landscape has evolved rapidly in the past few years. Organisations are increasingly reliant on technology and more eager than ever to collect personal data, but without the resources to protect their systems, cyber crime has flourished. We’ve reached a point where there are so many crooks and potential vulnerabilities that it’s foolish to suggest that you can prevent breaches … [Read more...]

Have you met the PCI SSC’s new QSA requirements?

As of 2019, the qualification requirements for QSAs (Qualified Security Assessors) have become much tougher. Assessors must now gain an information security and an IT audit certificate. Under the previous rules, QSAs were only required to hold one of those qualifications. The rule change took effect on 1 January 2019 for new QSAs. Those who were already qualified have until 1 July 2019 to gain … [Read more...]

3 fundamental IT issues and how you can resolve them

Every organisation has its own unique challenges, but some issues are so fundamental to business operations that they are practically universal. This blog outlines three common problems, and offers a solution for understanding and tackling them. 1. Staff awareness According to Leron Zinatullin, author of The Psychology of Information Security, one of the biggest problems … [Read more...]

Meet your risk assessment requirements with vsRisk Cloud

Risk assessments play an essential role in information security, as they are the primary way organisations identify vulnerabilities and the ways data breaches can occur. The results of the risk assessment dictate defence strategies and are used by senior staff to allocate information security and business continuity budgets. This shouldn’t be a surprise for organisations that follow the … [Read more...]

July book of the month: A bumper ISO 27001 edition

Every month, IT Governance selects a book of the month from our extensive catalogue of cyber security guides, but this month we’ve been decided that one book just wasn’t enough. That’s why we’ve picked The ISO 27001 Expertise Bundle, which comprises four invaluable guides to help you understand and implement the information security standard.  Here’s an overview of each book and why you … [Read more...]