Do you know what a DPIA is? Do you need to conduct one? This blog will give you an introduction to DPIAs and why and when you should conduct one. What is a DPIA? A DPIA (data protection impact …
The new tool will help data controllers quickly determine whether they need to conduct a DPIA in accordance with GDPR November 2018 – Information security and compliance specialist, Vigilant Software has reinforced its product portfolio with the launch of …
According to Ponemon’s 2018 Cost of Data Breach Study, the average cost of a data breach is $3.86 million (around £2.95 million), with an average cost of $148 (around £113) per lost or stolen record. But what factors contribute to …
Part 3: Risk treatment: The ISO 27001 Statement of Applicability The SoA (Statement of Applicability) is one of the most important ISO 27001 documents you will produce. It should: Identify the controls you’ve selected to address the risks you’ve identified; …
ISO 27001 is heavily focused on risk-based planning. This is to ensure that identified information risks are appropriately managed according to threats and the nature of these threats. Under ISO 27001:2013, an organisation must choose the relevant risk assessment methodology. Although not …
In recent years, the scale and scope of cyberattacks has increased dramatically. So, too, has the complexity and dynamism of organisation’s IT infrastructures. Collectively, this means that businesses have had to shift their attitude towards information security from passive, to …
An ICO (Information Commissioner’s Office) report has found that 45% of customers don’t trust organisations with their personal data. This is hardly surprising, given the constant news stories about cyber attacks and organisations mishandling personal data. In the past few days …
When implementing defences to keep data secure, organisations should put a lot of effort into preventing external actors penetrating them. However, as the 2018 BCI Horizon Scan Report reminds us, there are many other things to prepare for. The report asked more …
Tesco Bank has just been fined £16.4m following a cyber-attack in 2016 in which customer accounts were compromised, leaving them vulnerable to theft. The attack originally came to light when the supermarket giant spotted ‘suspicious transactions’ on 40,000 accounts. It …
New cloud-based information security tool will enable enterprises to deliver fast, accurate and hassle-free ISO 27001 security risk assessments 1st October 2018 – Information security and compliance specialist, Vigilant Software, has announced the launch of a cloud-based solution for conducting …
