ISMS.online Blog
Keeping you up-to-date on the world of information security and compliance.
Customers, boards and regulators are all in agreement. If cybersecurity breaches are impossible to prevent 100% of the time, the focus must be on improving resilience so that organisations are bett...
The Trump administration’s release of a National AI Policy Framework in March strives to replace a tangle of state-level rules with a single ...
Threat actors are nothing if not resourceful. When they find that a particular pathway is blocked, they don’t give up. Instead, they simply search ...
Catch up with the stories that have caught our eye this month
What does the 700Credit breach show about the financial data system and supply chain risks, and what lessons can be learned? By Kate O’Flaherty In ...
Organizations fret about security and privacy risk. And more recently, they’ve paid attention to AI risk. But how often do they think of all ...
The GDPR was always meant to be vague. By not listing prescriptive technical controls – as, for example, PCI DSS does – the regulation does a bette...
When the UK introduced the Data Use and Access Act (DUAA), much of the early commentary focused on the divergence it introduced. Was this a softeni...
As worst-case scenarios go, they don’t get much worse than a company-wide wipe of all connected devices. Yet that’s the reality that US medtech fir...
Operational shutdown is the last thing any business wants, but it is a very real risk during a ransomware attack. This is a lesson US payment gatew...
The EU AI Act’s high-risk rules are legally slated for August 2026, but proposed amendments could push them to late 2027. For the unprepared, this ...
The new European Union Aviation Safety Agency’s Part-IS rules have come into place, expanding cybersecurity obligations across the civil avia...
Get a monthly round-up of all the information, privacy and cyber security news direct to your inbox.
We’re delighted to share that ISMS.online (IO) has been named a Leader in the G2 Grid® Reports for Spring 2026. We achieved ten badges in the Sprin...
As we enter Neurodiversity Celebration Week it is important that we consider why this week matters. For many people, it is an opportunity to spread...
The UK’s critical national infrastructure (CNI) providers are on notice. The National Cyber Security Centre (NCSC) has been ramping up its rhetoric...
Customers, boards and regulators are all in agreement. If cybersecurity breaches are impossible to prevent 100% of the time, the focus must be on i...
The Trump administration’s release of a National AI Policy Framework in March strives to replace a tangle of state-level rules with a single ...
Threat actors are nothing if not resourceful. When they find that a particular pathway is blocked, they don’t give up. Instead, they simply search ...
Great software should feel effortless. It should get out of your way, guide you naturally through your work, and make even the most complex tasks f...
Recent actions by the US administration make multilateral cybersecurity coordination between that government and others less certain in the future....
The EU’s AI Act is reaching the final stage in its tortuously long journey from legislative proposal to enforceable law. It’s been a long time comi...
The UK’s financial services sector punches well above its weight. London is a close second to New York as the world’s preeminent financial hub and ...
The past year has seen two UK legislative proposals focused on the issue of ransomware payments by British businesses. This focus from the UK gover...
The EU has introduced a new Digital Omnibus Bill designed to streamline data protection, cybersecurity and AI regulation. How can organisations ens...
Company number: 04922343
Nile House, Nile Street, Brighton, England, BN1 1HW
