There are many growing drivers for an organisation and its supply chain to take the subject of information security and privacy seriously. These include major threats from cyber-crime that can kill companies with one simple data breach. Despite that threat, not all...
Social Media has been alive with the sound of security buffs ridiculing cryptocurrency trading platform, Enigma, for a purported hack that cost prospective customers approximately $500,000 in Ethereum. Apparently, the breach occurred when hackers gained access...
Public awareness of their data rights is likely to be high when GDPR comes into effect next year. The threats in getting it wrong are well publicised, the opportunities less so. I’m probably not the only person to notice that this weekend appeared to mark the...
EU GDPR hails a new era of data protection where tick-box compliance is replaced by understanding and accountability. Back in January Elizabeth Denham, the UK Information Commissioner, delivered a speech on GDPR and accountability to the Institute of Chartered...
Phil Lewis of Alliantist describes how data protection regulations are driving big changes in the way we approach supplier security and compliance. Compliance is moving away from the contractual but trust based and tick box Information Security Management assurance,...
Advice Cloud offer organisations expert help with their UK G-Cloud submissions. This week they interviewed Alliantist CEO, Mark Darby for his thoughts on the public sector’s growing need for data security assurances….
Information security management is no longer driven by the fear of security breaches alone. There is now a growing urgency to meet stringent data privacy requirements of legislation, such as the new General Data Protection Regulation (GDPR). Failure to do so could soon result in hefty fines for non-compliance.
Keeping information secure within your organisation rests on the actions of your staff. You can develop strong policies for information security. You can patch, monitor and defend your systems against attacks. You can get certificates and accreditations for all the key standards like; Cyber Essentials, PCI DSS and ISO 27001.
But it can all go wrong with one phone call.
At a time when every penny counts, the people of Hampshire will be ruing the £100k fine placed on their County Council by the ICO. What other services could be compromised to pay that penalty?
The fine came about because highly sensitive information about adults and children was found in confidential waste paper bags in a building. So what can be done to avoid situations like that in future?