dcsimg

9 steps to implementing ISO 27001

There are many reasons to adopt ISO 27001, the international standard that describes best practice for an information security management system (ISMS). It helps organisations improve their security, comply with cyber security regulations, and protect and enhance their reputation. But implementing the Standard takes a lot of time and effort. That should be obvious, at least if you believe the … [Read more...]

The GDPR: What you need to know about DPIAs

Article 35 of the EU General Data Protection Regulation (GDPR) introduces the concept of data protection impact assessments (DPIAs). DPIAs help organisations identify and minimise privacy risks in data processing activities. They are essential if you process any high-risk data, but they are also relevant when you are introducing a new data collection process, system or technology. An effective … [Read more...]

How to spot a phishing attack

Phishing is one of the biggest threats that individuals and organisations face, but do you know what they are, what they look like, and where to look for them? In the broadest sense, phishing is any attempt to pose as a trustworthy source in order to get people to hand over personal information. Phishing usually takes the form of mass emails sent to hundreds or thousands of people, criminals can … [Read more...]

Why are so many organisations getting certified to ISO 27001?

What do Microsoft, Verizon, Apple, Google, Intel, and Amazon have in common? As well as all being Fortune 500 companies, they are all ISO 27001 certified. With a global growth rate of 20%, ISO 27001 has become the de facto standard for information security management system (ISMS) certifications. Why are so many organisations getting certified to ISO 27001? Data breaches and cyber attacks are, … [Read more...]

The challenges facing companies in the lead up to GDPR – A consultant’s perspective

Sharon O’Reilly, GRC/GDPR consultant at IT Governance Europe, was interviewed by The Sunday Business Post before her appearance today at the GDPR Summit. She discussed the challenges facing organisations in the lead up to the General Data Protection Regulation (GDPR).  According to Sharon, these challenges include:  Finding/sourcing the right people to drive compliance programmes;  Determining … [Read more...]

12 questions to ask your CISO

With the rise in cyber attacks and increased risk of a data breach, organisation boards are under increased pressure than ever to improve data governance and security. To help organisations ensure that all areas of cyber security are covered, IT Governance’s team of cyber security experts have examined the top 12 questions that you need to ask your CISO. Download this free brochure to … [Read more...]

Possible breach at INM threatening ‘the very core’ of investigative journalism

The Office of the Data Protection Commissioner (ODPC) has claimed that data relating to former and current staff at Independent News & Media (INM), including four journalists and former directors, has been breached. The Office of the Director of Corporate Enforcement (ODCE) was concerned that data was removed from the organisation’s premises in October 2014, and subsequently taken out of the … [Read more...]

Learn how to audit and monitor conformance to ISO 27001 with our Lead Auditor Training Course in Cork

Acquire an industry-leading qualification to audit an ISO 27001 information security management system (ISMS). Our team led the world’s first ISO 27001 certification project and we’ve helped more than 7,000 professionals with ISO 27001 training. For the first time, IT Governance’s ISO 27001 Lead Auditor Training Course will be held in Cork. What will you learn on this course? How to use audits to … [Read more...]

The GDPR and the future of location-based advertising

Not so long ago, marketers believed programmatic advertising (the use of someone’s personal data to create targeted ads) was “the next big thing”, but many people now claim that the EU General Data Protection Regulation (GPDR) is the “death knell” for this practice. One of the most common forms of programmatic advertising uses geo-tracking to target adverts based on someone’s location. It’s the … [Read more...]

Are your employees aware of their PCI DSS obligations?

If your organisation collects cardholder data, you need to comply with the Payment Card Industry Data Security Standard (PCI DSS). The Standard was designed to help organisations manage card payments securely, and is regulated by major card brands (Visa, Mastercard, American Express, JCB and Discover). Failure to comply with the PCI DSS will lead to disciplinary action and reputational damage, but … [Read more...]