Luke Irwin Archive
Although Europe looks as though it’s over the worst of the COVID-19 crisis – with infection rates down, lockdown restrictions eased and borders reopened – the associated cyber security threats are as prominent as ever. We’ve been tracking the way …
The GDPR (General Data Protection Regulation) introduced strict new rules regarding the way organisations report data breaches. Many businesses have already been caught out by these requirements. As a result, they’ve made a bad situation worse or created unnecessary work …
The ISO 27001 Standard describes best practice for an ISMS and explains the requirements you need to meet, but it doesn’t show you how to implement them. In this blog, we explain in nine steps exactly what you need to …
Risk assessments are one of the most important parts of an organisation’s ISO 27001 implementation project. The process can be tricky, but this blog simplifies the process by breaking it down into five easy-to-follow steps.
Amid all the expert advice about how to keep your organisation safe from data breaches, it’s important to remember that there’s no one right way to address information security.
Sure, there are universal threats and technologies and processes that address …
There’s a new standard for data privacy – ISO 27701. It’s the first document in the ISO 27000 series dedicated to privacy, explaining how organisations can create a PIMS (privacy information management systems) and meet best practices outlined in regulations such as the GDPR (General Data Protection Regulation).
The right to data portability is one of eight rights enforced by the EU General Data Protection Regulation (GDPR). It allows data subjects to obtain data that a data controller holds on them and to reuse it for their own …
Information security policies are arguably the most important part of an organisation’s defences, as the biggest threat you face comes from employees. Whether they’re making honest mistakes, ignoring instructions or acting maliciously, employees are always liable to compromise information. Technological defences can help mitigate the damage, but these must be accompanied by effective information security policies and procedures.
We have just seen 8,801,171,594 breached data records in one month. Yes, 8.8 billion. The majority of those were the result of a leaky database belonging to the Thai phone network AIS that was quickly resolved – but it was a dire …
Organisations share personal data with third parties all the time, but can they be trusted? The GDPR (General Data Protection Regulation) extended the scope of responsibility when it comes to data protection and privacy, so where does that leave you when it comes to security incidents caused by …
