What is cyber risk management? Cyber risk is the identification, analysis and evaluation of cyber risks. It understands and analyses the IT infrastructure, identifies the potential vulnerabilities within different systems, then prioritises the identified risks and makes coordinated efforts to …
Articles 25(1) and 25(2) of the GDPR (General Data Protection Regulation) outline your obligations concerning ‘data protection by design and by default’. This requirement ensures that the six data protection principles are implemented, and that individuals’ rights are always safeguarded. …
For many people, the prospect of conducting a risk assessment is daunting. Inexperienced assessors often rely on spreadsheets, spending hours interviewing people in their organisation, exchanging documents and methodologies with other departments and filling in data. After all that, they’ll …
Organisations that believe they can ignore cyber risk management and the benefits it offers will probably lose out as others adopt more efficient, more economical, less human-resource-intensive solutions. For effective cyber risk management, an organisation needs a thorough understanding of the …
We’re kicking off a new series of blogs tackling some of the biggest misconceptions around risk assessments, information security, data protection, regulatory compliance, and other issues that our customers are grappling with. Today’s theme is one that comes up time …
For many organisations, information is their most important asset, so protecting it is crucial. Information security is “the practice of preventing unauthorized access, use, disclosure, disruption, modification, inspection, recording or destruction of information”. Information can take many forms, such as electronic and …
On 2 April, Google+ will cease to exist for external users. The search giant has cited two main reasons for the move: low user engagement and, more insidiously, software design flaws that allowed “third-party app developers to access the data not just of …
Completing a risk assessment is often the most complex and difficult aspect of an ISO 27001 project. Whatever tool you decide to use in your project, it needs to take into account many elements, such as assets, threats, vulnerabilities and …
Organisations that meet the requirements of the GDPR (General Data Protection Regulation) experience a wide variety of benefits, according to a new Cisco report. The 2019 Data Privacy Benchmark Study demonstrates that GDPR compliance makes organisations less susceptible to data breaches, as you’d expect, …
Dynamic duo deploy entire suite of risk and compliance products in one contract 27 February 2019 – Information security and compliance specialist Vigilant Software has secured its first major contract through its partnership with managed security expert Cipher. Vigilant Software …
