Now, more than ever, organisations need effective and efficient IT to survive. IT supports critical business processes that generate revenue, serve customers and allow business goals to be achieved.
An Post has notified the Data Protection Commission (DPC) of a breach affecting 250 customers. An email sent to customers about the move of the AddressPal service from one post office in Cork to another accidentally had all 250 recipients’ email addresses in the ‘To’ field rather than 249 of them being in the ‘Bcc’ (blind carbon copy) field. This meant every customer who received the email could see …
There’s a new standard for data privacy – ISO 27701. It’s the first document in the ISO 27000 series dedicated to privacy, explaining how organisations can create a PIMS (privacy information management systems) and meet best practices outlined in regulations such as the GDPR (General Data Protection Regulation).
An extract from ISO 27001 controls – A guide to implementing and auditing. An ideal book for anyone implementing or auditing an ISO 27001- compliant ISMS (Information Security Management System).
If your organisation is subject to the GDPR (General Data Protection Regulation), you must create and distribute a privacy notice. This document ensures that individuals are aware of the way their personal data is processed, helping them understand what data is being collected, why and how it’s being used, and how …
Organisations that accept card payments are responsible for the security of customers’ payment information and must comply with the PCI DSS (Payment Card Industry Data Security Standard). Compliance will be a lengthy process for some, but organisations that handle fewer than six million transactions annually can …
Risk assessments are one of the most important parts of an organisation’s ISO 27001 implementation project. The process can be tricky, but this blog simplifies the process by breaking it down into five easy-to-follow steps.
Kaspersky Lab’s latest report on phishing found that attacks have jumped 16% in the second quarter of 2019, compared to the same quarter in 2018. Cyber criminals are continuing to take advantage of the trust between individuals and companies by using fake registration, subscription and feedback forms to get victims to reveal their personal details. Looking at …
There are plenty of reasons a career in information security might appeal: it’s rewarding, there’s huge demand for skilled professionals and it pays well. Plus, you don’t need to study for years and get a degree to enter the industry. All you need to get started is …
Information security policies are arguably the most important part of an organisation’s defences, as the biggest threat you face comes from employees. Whether they’re making honest mistakes, ignoring instructions or acting maliciously, employees are always liable to compromise information. Technological defences can help mitigate the damage, but these must be accompanied by effective information security policies and procedures.
