Atlas Air and the Supply Chain Problem: How Unproven Claims Create Real-World Risk
Ransomware group Everest’s claims it breached Atlas Air and its supplier Tsunami Tsolutions show how modern ransomware attacks are exploiting suppl...
ISMS.online Blog
Compliance Matters
Keeping you up-to-date on the world of information security and compliance.
Closing the Resilience Gap: Where the Government Says UK PLC Is Still Failing
Customers, boards and regulators are all in agreement. If cybersecurity breaches are impossible to prevent 100% of the time, the focus must be on i...
What the White House’s National AI Policy Framework Means For Compliance
The Trump administration’s release of a National AI Policy Framework in March strives to replace a tangle of state-level rules with a single ...
The Path of Least Resistance: Why Defence in Depth Is the Best Response to Cloud Threats
Threat actors are nothing if not resourceful. When they find that a particular pathway is blocked, they don’t give up. Instead, they simply search ...
Meeting the Data Use and Access Act with Confidence: Why the ISO 27001, 27701 and 42001 Loop Delivers
When the UK introduced the Data Use and Access Act (DUAA), much of the early commentary focused on the divergence it introduced. Was this a softeni...
Cyber Threats in a Time of Heightened Middle East Tensions: What UK CISOs Can Expect
As worst-case scenarios go, they don’t get much worse than a company-wide wipe of all connected devices. Yet that’s the reality that US medtech fir...
The Resilience Factor: Breaking Down the BridgePay Ransomware Attack
Operational shutdown is the last thing any business wants, but it is a very real risk during a ransomware attack. This is a lesson US payment gatew...
Why Regulatory Uncertainty is the Best Reason to Adopt ISO 42001 Now
The EU AI Act’s high-risk rules are legally slated for August 2026, but proposed amendments could push them to late 2027. For the unprepared, this ...
Stay ahead of the headlines with the IO newsletter
Get a monthly round-up of all the information, privacy and cyber security news direct to your inbox.
Flying High: The EU Aviation Safety Agency’s Part-IS Rules Explained
The new European Union Aviation Safety Agency’s Part-IS rules have come into place, expanding cybersecurity obligations across the civil avia...
IO Ranked G2 Grid Leader in Governance, Risk and Compliance for Spring 2026
We’re delighted to share that ISMS.online (IO) has been named a Leader in the G2 Grid® Reports for Spring 2026. We achieved ten badges in the Sprin...
Neurodiversity Celebration Week: Bringing Awareness to Action
As we enter Neurodiversity Celebration Week it is important that we consider why this week matters. For many people, it is an opportunity to spread...
The NCSC Wants Critical Infrastructure to “Act Now”: What Does That Mean?
The UK’s critical national infrastructure (CNI) providers are on notice. The National Cyber Security Centre (NCSC) has been ramping up its rhetoric...
A Smarter, Cleaner IO: The UX Improvements Making Compliance Work Easier Every Day
Great software should feel effortless. It should get out of your way, guide you naturally through your work, and make even the most complex tasks f...
US Cyber Agreements Withdrawal Signals Corporate Risk
Recent actions by the US administration make multilateral cybersecurity coordination between that government and others less certain in the future....
A Key EU AI Act Deadline Is Approaching: Here’s What Businesses Need to Know
The EU’s AI Act is reaching the final stage in its tortuously long journey from legislative proposal to enforceable law. It’s been a long time comi...
UK Financial Services Firms Are Still Failing the Basics, the BoE Warns
The UK’s financial services sector punches well above its weight. London is a close second to New York as the world’s preeminent financial hub and ...
Pay the Ransom or Not? Government Considerations on Paying a Way Out of Cybercrime
The past year has seen two UK legislative proposals focused on the issue of ransomware payments by British businesses. This focus from the UK gover...
