Safely move on from COVID-19

ISMS.online News Roundup – 12th December 2019

Information Security Risk Management Explained – ISO 27001

Risk management is a term that is often used in business today. Nevertheless, it poses risk in itself without having a clear understanding of what it entails and how to go about it successfully! Our article explains how to conduct ISO 27001 risk management in compliance with the risk-focused aspect of GDPR.

Read the full article here.

Press Release: ISMS.online Receives Major New Investment

ISMS.online is proud to announce that we have received significant new investment to our fast-growing SaaS platform, from Sussex investment firm Cow Corner. This is a very exciting time for us as we enter our next phase of growth that will allow us to continue to improve our excellent product and service.

Read the full press release here.

Why I Don’t Blame Boards for Underinvesting in Cybersecurity

John Blythe explores why 72% of FTSE 350 companies say that cyber risk is seen as a top risk, yet only 46% have dedicated security budgets as well as how boards manage risk needs to be considered before making assumptions in this superb Infosecurity Magazine article.

Read the full article here.

Researchers say these are 2020’s biggest cybersecurity challenges

The Deccan Chronicle have published their own collection of 2020 cybersecurity forecasts following Kaspersky, a global security analysis and software provider’s predictions to what they think might be the core cybersecurity threats for the upcoming year, ranging from the proliferation of deep-fakes to the exploitation of APIs.

Read the full article here.

New York Water System Audit Finds Cybersecurity Flaws

Rachel Ettlinger explores how an audit by the New York State Comptroller’s Office found cybersecurity flaws of the water system in upstate New York using a simulated cyber attack to find gaps throughout the defences, in this brilliant article for Government Technology.

Read the full article here.

‘Lack of Interest’ in Digital Skills Holding Scottish Firms Back

Ross Kelly reports in this insightful article for DIGIT that, following developments in cybersecurity that supports Scottish companies to defend themselves against cybercrime, digital capabilities are still a major concern. This comes after the Business Digital Survey report, conducted by the Bank of Scotland, found that a great deal of work still remains.

Read the full article here.

Why The Travel Industry Needs To Take Cybersecurity Seriously

The travel industry is a cybercrime treasure trove due to the information it retains resulting in it being a high-profile target for cybercriminals. Ali Coulton discusses how cybersecurity has been overlooked by the travel industry in this excellent article for Travel Weekly and what should be done to remedy this.

Read the full article here.

Why is SaaS important for business network security?

In this brilliant article for ITProPortal, Thorsten Kurpjuhn explores how SaaS is becoming increasingly important as traditional measures are unable to cover the rapidly changing pace of technology and prepare for the future with increasing cyber security threats and demand for web service.

Read the full article here.

Abundance of cybersecurity tools puts enterprises at risk

Anthony Spadafora discusses, in this fascinating article for TechRadar, that new research from an enterprise security firm has shown that a dramatic increase in the number of security tools used by companies is increasing the risk of cyber threats while also reducing their ROI by underutilizing them.

Read the full article here.

Building a cybersecurity strategy to protect your small business

Small business cybersecurity is an underrepresented area, but small business owners are hard to blame for underestimating the threats it creates. Shena Tharnish for the San Fransisco Business Times examines how a recent study found that 67 percent of small businesses said they were the victim of a cyber-attack in the intervening 12 months and what the key steps an SMB should take to safeguard their company.

Read the full article here.

Can law firms put a price on their clients’ privacy?

Law firms are a massive target for cybercriminals as privacy is at the core of the legal sector. People and companies place their trust in law firms for safe and discreet transactions on their behalf. Rebecca Morpeth discusses why the industry must protect this information as a violation of confidentiality can mean the end for a law firm, in this brilliant article for Security News Desk.

Read the full article here.

Experts Comments: CyrusOne Hit By Ransomware Attack

In this fascinating article for InformationSecurityBuzz, experts response to how one of the biggest data centre suppliers in the U.S. has experienced a ransomware attack and give advice on how enterprises can defend themselves from this by informing consumers on preventing “accidental clicks.”

Read the full article here.

There’s a lot to like about the Senate privacy bill, if it’s not watered down

The U.S. Senate proposed the Consumer Online Privacy Rights Act (COPRA) last week, which is perhaps the most comprehensive U.S. Privacy Act in history as it discusses concerns regarding challenges to the privacy of digital technologies for people. In this fantastic article, opinion contributors to The Hill, Woodrow Hartzog and Neil Richards, explore what the act proposes and how it could be diluted through negotiation.

Read the full article here.

Different decade, same healthcare privacy and security problems?

Digital Health has published this interesting piece by their columnist, Davey Winder, reflecting on the past year and examines whether anything has improved with regard to healthcare cybersecurity as we come to the end of 2019 and what could be done if not.

Read the full article here.

Tories, Labour and LibDems face legal bid over mishandling data

The Open Rights Group has opened a legal challenge to the major political parties in the United Kingdom, requesting that they stop processing their data and delete any profile of them. Gregg Russell details the campaigners’ findings as well as the parties’ responses in this thought-provoking article for The National.

Read the full article here.

Over 750,000 applications for US birth certificate copies exposed online

More than 752,000 birth certificate applications were found on a company’s non-password protected AWS storage bucket. Zack Whittaker details how due to this the company, that allows users to obtain a copy of their birth and death certificates from U.S. state governments, allowed anyone who knew the web address to access this data, in this excellent TechCrunch report.

Read the full article here.

Internet provider faces big GDPR fine for lax call centre checks

In this brilliant article for the BBC, Leo Kelion examines how German Internet service provider 1&1 Telecom faces an £ 8 m fine after being suspected of not carrying out stringent enough consumer identification checks that can enable fraudsters to easily access the personal data of customers.

Read the full article here.

India’s updated data protection Bill would provide more scope to access citizen data

Campbell Kwan discusses how India released an amended version of their 2019 Personal Data Protection Bill which, if approved, will result in Indian businesses needing to seeking approval before gathering any personal data. However, the act would allow the government to direct companies to hand over anonymized personal data and citizens ‘ non-personal data as long as it serves the public interest, in this fascinating article for ZDNet.

Read the full article here.

GET IN TOUCH

Phone:   +44 (0)1273 041140
Email:    enquiries@isms.online