Information security is all about protecting your organisation’s information, whether digitally or in hard copy. ISO 27000 – which defines the key terms of ISO 27001, the international standard for information security management – defines information security as the “preservation …
Two thirds of UK organisations are uninsured against the financial impact of a data breach, a survey has revealed. NTT Security’s Risk:Value 2018 report found that only 29% of organisations have dedicated cyber insurance in place, despite 81% of senior executives touting …
However your business is likely to be affected by Brexit, Arron Banks may just have helped you out. How? By drawing attention to the myriad responsibilities organisations have to protect users’ personal data – and the hefty fines they risk …
Do you know what a DPIA is? Do you need to conduct one? This blog will give you an introduction to DPIAs and why and when you should conduct one. What is a DPIA? A DPIA (data protection impact …
The new tool will help data controllers quickly determine whether they need to conduct a DPIA in accordance with GDPR November 2018 – Information security and compliance specialist, Vigilant Software has reinforced its product portfolio with the launch of …
According to Ponemon’s 2018 Cost of Data Breach Study, the average cost of a data breach is $3.86 million (around £2.95 million), with an average cost of $148 (around £113) per lost or stolen record. But what factors contribute to …
Part 3: Risk treatment: The ISO 27001 Statement of Applicability The SoA (Statement of Applicability) is one of the most important ISO 27001 documents you will produce. It should: Identify the controls you’ve selected to address the risks you’ve identified; …
ISO 27001 is heavily focused on risk-based planning. This is to ensure that identified information risks are appropriately managed according to threats and the nature of these threats. Under ISO 27001:2013, an organisation must choose the relevant risk assessment methodology. Although not …
In recent years, the scale and scope of cyberattacks has increased dramatically. So, too, has the complexity and dynamism of organisation’s IT infrastructures. Collectively, this means that businesses have had to shift their attitude towards information security from passive, to …
An ICO (Information Commissioner’s Office) report has found that 45% of customers don’t trust organisations with their personal data. This is hardly surprising, given the constant news stories about cyber attacks and organisations mishandling personal data. In the past few days …
