Vigilant Software Blog
ISO 27001 audits can be intimidating, especially if it’s the first time that your ISMS (information security management system) has been audited. So how can you make sure you’re doing everything that you should? This blog helps you settle your …
The concepts of data privacy and data security might sound similar, but each involves a totally different set of processes and skills for comprehensive data governance. Data privacy relates to the protection of PII (personally identifiable information) – payment card …
The SoA (Statement of Applicability) is one of the key documents when it comes to ISO 27001 compliance. It identifies the controls you have selected to address information security risks, explains why those controls have been selected, states whether they’ve …
You won’t get far with your GDPR (General Data Protection Regulation) compliance activities if you don’t know what’s considered personal data. But it’s not as simple as identifying whether the information you’re processing is in the Regulation’s scope, because the …
Each year, Ponemon Institute surveys organisations around the world to estimate the financial effects of data breaches. Its 2019 report found that the average cost was $3.92 million (about £3.18 million). This is a steady increase on last year’s total …
Law firms are likely to have a higher information risk profile compared to organisations in many other sectors – and this needs to be managed accordingly. The question is – how?
Data protection is a major concern for organisations large and small. Recent announcements by the UK data protection authority, the ICO (Information Commissioner’s Office), of significant penalties for British Airways (more than £183 million) and Marriott (more than £99 million) …
So, you’re a small business or start-up. You know that you need to comply with the EU GDPR (General Data Protection Regulation), because you process EU residents’ personal data, but the trouble is, you don’t know where to begin. We’ve …
Any organisation within the scope of the GDPR (General Data Protection Regulation) must conduct regular risk assessments. This is the only way that you can be sure that you’re properly identified potential security incidents and that your defences measures are …
Keeping information secure should be a priority for any organisation. However, with the world increasingly interconnected and cyber crime on the rise, this can be a challenge. In order to protect themselves and the data in their care, it’s vital …
