Nine steps to successful ISO 27001 implementation

It may be something of a cliché but, for information security management system (ISMS) projects, it is certainly true to say that ‘well begun is half-way done’. The person charged with leading an ISO/IEC 27001:2013 ISMS project has to reduce something that looks potentially complex, difficult and expensive in terms of time and resources, to something that everyone believes can be achieved in the …

Cyber attacks and data breaches in review: November 2019

The numbers don’t tell the full story this month. There may have been 1.34 billion breached records disclosed, but almost all of them came from a single incident of ambiguous origin. Likewise, there were an abnormally high number of incidents in which the organisation didn’t reveal the number of affected records, so it’s a hard month to define in terms of cyber security success. What we are sure …

Q & A: The challenges for Data Protection Officers (DPOs)

Under the GDPR (General Data Protection Regulation), many organisations are required to appoint a DPO (data protection officer). Our recent webinar, ‘Challenges for data protection officers (DPOs)’, provided an introduction to the role and its requirements, covering the DPO’s responsibilities and the challenges they face. This was followed by a Q&A session with our GDPR expert Alice …

Why your organisation should implement ISO 27701

There’s a new standard for data privacy: ISO 27701. Released earlier this year as an extension to the ISO 27000 series, it provides essential guidance to help organisations protect sensitive information and meet data subject rights. ISO 27701 fills a gap left by the GDPR (General Data Protection Regulation), which contains strict rules about privacy management but doesn’t advise organisations on …

5 things you must do to avoid data breach disaster

Some of the most disastrous consequences of data breaches occur not from the incident itself but as a result of organisations’ inability to respond quickly and effectively. You can’t assume that a data breach is a negligible risk that you’ll deal with if it ever happens. That’s because your chances of being breached are much higher than you might think. In fact, the insurance …

Develop better cyber security by taking a wider view of the threats

Technology giveth and technology taketh away, and not always in equal measure. A new technology sometimes creates more than it destroys. Sometimes, it destroys more than it creates. But it is never one-sided. (Postman, 1990) Despite Postman’s dire prediction, society has profited immensely from the development, implementation, and operation of new information technologies. Our lives have been …

The GDPR has led to a spike in DSARs (data subject access requests)

Depending on who you ask, the GDPR (General Data Protection Regulation) has either overhauled the way organisations handle personal data or it’s a complex and ultimately pointless piece of bureaucracy. Fortunately, the number of people in the latter camp has shrunk in the past year or so, as the GDPR has proven to have a tangible effect on business. And we’re not just talking about fines, both …

Does your organisation’s data protection policy comply with the GDPR?

The introduction of the GDPR (General Data Protection Regulation) has meant that organisations across Europe must be a lot more rigorous about the way they handle people’s personal data. One of the most important steps is to create a data protection policy to make sure employees know exactly what they should and shouldn’t do when processing or storing sensitive information. What a data …

Advance your career with ISO 27001 certified training

Continual professional development is vital for professionals to develop the skills, knowledge and experience needed to deliver best practice and compliance in any organisation, and will help you progress in your career. Why achieve certification in ISO 27001? ISO 27001 is one of the most popular cyber security standards in the world, with certifications growing by more than 450% in the …

How cyber insurance can help you manage information security risks

For years, organisations have been looking for ways to avoid the potentially catastrophic consequences of data breaches. They might have finally found the answer in the form of cyber insurance. Like any insurance policy, cyber insurance helps cover the costs associated with relevant damages. This includes things like loss of productivity, assisting those affected by the breach and fixing …