dcsimg

Looking for a cyber security qualification? Try CISSP

If you’re interested in gaining a high-ranking position in the information security industry, your best bet is probably the CISSP® exam (Certified Information Systems Security Professional) qualification.  In this blog, we’ll tell you why it’s the most valuable training course for those entering the industry and explain everything you need to know before enrolling on a training course.    The … [Read more...]

How IT Governance can help with your cyber security concerns

Cyber security is a complex topic, so we wouldn’t be surprised if you had questions about what your organisation should be doing. The threat of data breaches grows each year, organisations process more information than ever and the regulatory landscape is becoming a minefield to navigate.  Fortunately, IT Governance’s team of experts has the answers, and our extensive range of … [Read more...]

What is an information security policy?

An information security policy is a set of instructions that an organisation gives its staff to help them prevent data breaches. Employees are involved in many of the most common causes of security incidents, whether directly (such as accidental breaches) or indirectly (such as phishing scams), so thorough guidelines are essential. How do you create information security policies? Your … [Read more...]

Top 5 tips for tackling the rising threat of data breaches

Cyber security is a daunting topic. Every week there’s a new big data breach, experts are constantly warning that “you’re next”, and the threat of fines and other disciplinary action under the GDPR (General Data Protection Regulation) lingers over all of us. To help you understand how to address these issues, IT Governance Director Steve Watkins gave us his top five tips for staying … [Read more...]

PCI DSS: The importance of penetration testing

Often, organisations rely on vulnerability scans to identify their weaknesses. They are told that vulnerability scanning is as good as penetration testing and that it will be enough to meet the compliance requirements of the PCI DSS (Payment Card Industry Data Security Standard).  However, scanning and testing perform two different jobs, and the PCI DSS mandates that you conduct both on a regular … [Read more...]

Penetration testing and the EU GDPR

Data breaches are on the rise and affecting Irish organisations, most recently Eir and Cork City Council’s Park by Phone service.  Criminal hackers are gaining access to organisations’ networks using a variety of techniques, so ensuring your network is secure should be high on your agenda. Penetration testing is an effective method of determining the security of your networks and web applications, … [Read more...]

Is it legal for organisations to request your date of birth?

When you sign up for an online service, you’re often asked to provide personal details. Usually, you won’t have a problem with this: an organisation obviously needs your name and email address to contact you. But when they start asking for seemingly unnecessary information, you might get concerned. Why do you need to give your date of birth when downloading a green paper? Or to create an account … [Read more...]

How effective are the GDPR’s rules on the age of consent?

If you’ve ever used an online service that requires age confirmation, you’re probably aware of how inadequate the restrictions usually are. All you’re asked to do is check a box or provide your date of birth. There’s no evidence required, and no one will follow up to make sure you were telling the truth.  Until recently, there were no signs that anybody was particularly bothered by these lax … [Read more...]

July book of the month: A bumper ISO 27001 edition

Every month, IT Governance selects a book of the month from our extensive catalogue of cyber security guides, but this month we’ve been decided that one book just wasn’t enough. That’s why we’ve picked The ISO 27001 Expertise Bundle, which comprises four invaluable guides to help you understand and implement the information security standard.  Here’s an overview of each book and why you … [Read more...]

Online anonymity has allowed cyber crime to thrive

Online anonymity is a complicated topic. There’s no doubt that the elasticity it gives our identities is a massive benefit. We can explore different sides of our personality without affecting the reputation of any other part of us. Unfortunately, that’s also proven to bring out the worst in some of us, with people committing acts online that they would never do in person. Cyber bullying and mob … [Read more...]