“What’s your password please caller?”

“What’s your password please caller?”

You are only as secure as your weakest link

Keeping information secure within your organisation rests on the actions of your staff. You can develop strong policies for information security. You can patch, monitor and defend your systems against attacks. You can get certificates and accreditations for all the key standards like; Cyber Essentials, PCI DSS and ISO 27001.

But it can all go wrong with one phone call.

More than just TalkTalk – A huge fine and a lesson in information security management for organisations large and small

Like many, we’ve been following the major TalkTalk personal data breach of 2015. It has been difficult to ignore!

So serious was it that it sparked a formal enquiry by the Culture, Media and Support Committee and now, the latest news from the Information Commissioner’s Office (ICO) reveals the £400k fine they have levied on TalkTalk…the largest ever!

Managing risk for information security – the ISO 27001:2013 way

Managing risk for information security – the ISO 27001:2013 way

It was following a demo of our online software for managing your ISMS, that I was subjected to an uncharacteristic rant by Mark Darby, our MD at Alliantist and founder of ISMS.online.

When I say uncharacteristic, I mean in terms of business. I’ve experienced similar rants about Liverpool F.C. but that’s for another time!

It all started with an innocent sales demo to a group of unsuspecting individuals, starting out on their journey to ISO 27001:2013 accreditation. It was all a stroll in the park until we hit risk management, 6.1 of the standard, and our risk management tool.

It’s my round!

It’s my round!

Actually, it’s Wetherspoon’s turn in what is fast becoming a data breach nightmare for more than just a few regulars. The pulling power of vouchers off alcohol at pub chain JD Wetherspoon, could have cost a few punters more than their favourite tipple in last week’s announcement that the personal details of up to 657,000 customers were stolen in the latest cyber attack on a British company.