January 28th is International Data Privacy Day and serves as a reminder of the growing importance of data in our organisations and how we must protect it.
Information security management is no longer driven by the fear of security breaches alone. There is now a growing urgency to meet stringent data privacy requirements of legislation, such as the new General Data Protection Regulation (GDPR). Failure to do so could soon result in hefty fines for non-compliance.
You are only as secure as your weakest link
Keeping information secure within your organisation rests on the actions of your staff. You can develop strong policies for information security. You can patch, monitor and defend your systems against attacks. You can get certificates and accreditations for all the key standards, like Cyber Essentials, PCI DSS and ISO 27001.
But it can all go wrong with one phone call.
The scene has been set as the next major framework in EU privacy regulations was formally proposed and published* on 10th January 2017 by the European Commission in Brussels.
The new Privacy and Electronic Communications (e-Privacy) Regulation, if implemented, would update current rules on the confidentiality of electronic communications. It aims to bring over-the-top service providers (“OTT”) within scope of the EU’s e-Privacy laws for the first time.
We should qualify that there are, of course, no real ‘cheats’ available when seeking ISO 27001 accreditation.
At least not the sort that will give you an ISMS (information security management system) that can be externally accredited. And, according to the Government Cyber Security Breaches Survey 2016*, of those organisations surveyed, 42% looked for ISO 27001 to test or validate the security of providers of online services. This is likely to increase as vendors look to secure their complete supply chain.
2016 will be remembered by many for some of the alarming cyber events that took place.
There were the allegations that the Russians may have influenced the US presidential campaigns through email interference.
Yahoo announced 500 million user accounts were stolen in 2013, endangering the terms of their acquisition negotiations with Verizon.
Outages of nearly 11 hours disrupted over 1 billion users worldwide in one of the largest cyber attacks in internet history. A DDoS attack on US DNS provider, Dyn, affected major sites including eBay, Twitter, Reddit, Spotify, and Amazon.