The NCSC Says “It Is Time to Act”, But How?
It’s unusual to see an open letter from a business leader at the start of a government cybersecurity report. Especially someone whose company has j...
ISMS.online Blog
Compliance Matters
Keeping you up-to-date on the world of information security and compliance.
How Integrated Compliance Transforms Risk Management and Efficiency
Across industries, the compliance conversation is changing. Regulatory demands are rising, cyber threats are escalating, and stakeholder expectatio...
The Spine-Tingling Cyber Incidents Scaring Us This Halloween
The past few years have seen an array of high-profile cyber incidents, from supply chain attacks to zero-day vulnerabilities, ransomware to deepfak...
Heathrow Cyber Incident: Lessons in Resilience and Incident Response
As regulators mandate resilience in business operations, what can others learn from the cyberattack on a supplier that impacted Heathrow and its pe...
Continuous Control Made Simple: Intune and Entra Now in IO
At ISMS.online (IO), our mission is simple. To make information security management effortless. And that means helping you stay compliant not just ...
Continuous Control Made Simple: Intune and Entra Now in IO
At ISMS.online (IO), our mission is simple. To make information security management effortless. And that means helping you stay compliant not just ...
Why the FTC’s Chatbot Investigation Should Worry B2B Companies
September was a watershed moment for advocates of AI ethics. The FTC issued Section 6(b) orders to seven major tech companies that produce chatbots...
Could ISO 42001 Become the UK’s De Facto AI Regulator?
When the European Union voted through the AI Act in the latter part of 2024, it made history as the world’s first attempt to comprehensively ...
Stay ahead of the headlines with the IO newsletter
Get a monthly round-up of all the information, privacy and cyber security news direct to your inbox.
More Than Checkboxes – Why Standards Are Now a Business Imperative
Every October, World Standards Day passes with little fanfare. Perhaps it’s because for many, it evokes images of bureaucratic paperwork, dry...
Can the UK Create a Multibillion-Pound AI Assurance Sector?
The government is going all-in on AI. Announced in January, its AI Opportunities Action Plan seeks to drive economic growth, improve the quality of...
Safe Harbor Review Means Business as Usual – For Now
September was a watershed month for companies in Europe wanting to share data with the US. The General Court of the European Union rejected a chall...
Jaguar Land Rover’s Travails Highlight the Need for Cyber Resilience
Manufacturers have been the most popular target for global cyber-attacks over the past four years. The sector was also number one for ransomware in...
Will the Grok Breach Create GenAI Security Concerns?
A recent incident has raised concerns about how data is handled by GenAI tools. Is it time to ensure that your data doesn’t end up in their L...
As Optus Is Sued, What Went Wrong and What Lessons Can We Learn?
The wheels of justice move slowly sometimes. So it is in Australia, where the privacy regulator has finally filed civil penalty proceedings against...
When Legacy Systems Fail: Lessons from the Federal Courts Breach
Cyber attacks happen every day, but some are especially chilling. An attack this summer on the US court system should have sent chills down every s...
Everything You Need to Know About the Data Use and Access Bill
The UK’s new Data Use and Access Bill (DUAA) received Royal Assent on 19 June 2025, marking a refresh to the country’s data protection ...
EU AI Act: The New Content Training Summary Template for GPAI Providers
What is the Content Training Summary Template? The European Commission recently released an explanatory notice and template to help providers of g...
