Luke Irwin Archive
Organisations have struggled with the GDPR (General Data Protection Regulation) since it took effect just under a year ago. But compliance help is easier than you might expect. ISO 27001, the international standard for implementing and maintaining an ISMS (information …
Organisations that provide tech services and systems to third parties should be familiar with SOC (Service Organization Control) 2. The framework is designed to ensure that relevant organisations – Cloud computing providers, Software as a Service companies, etc. – process information securely. Service organisations are usually required to pass a SOC 2 audit in order to …
If you’re new to ISO 27001, you might be finding it difficult to choose a training course that suits your needs. Two of the more popular options are the lead auditor and lead implementer courses, but which one is right for …
Project managers are among organisations’ biggest assets, because they provide flexibility and leadership – and they are increasingly being used to align specialist skills within software environments and general business abilities. Indeed, Colin Bentley’s Adaptable Project Management – A combination …
Organisations always have to worry about the security of the information they send by email. You can never be certain who has access to your messages, and everyone has probably been guilty at least once of sending a message to …
August was the third leakiest month of the year so far, with a massive 99 recorded data breaches and cyber attacks. But, by contrast, only 36,673,575 records were confirmed to have been leaked, which is the fewest we’ve recorded since …
Software solutions are the simplest way for organisations to address many of their cyber security threats. All you need to do is pick out and purchase the right tools and away you go. Unlike the other aspects of the cyber security triad – processes and people – there’s often no need to carefully curate solutions that …
The GDPR (General Data Protection Regulation) is a complex law, and as you might have noticed, some aspects appear to contradict each other. That includes the rules regarding one of the more widely discussed aspects of the Regulation: the right to erasure (also known …
Last month, the ECJ (European Court of Justice) ruled that the EU–US Privacy Shield is no longer valid, because it failed to protect people’s rights to privacy and data protection. The framework, which was adopted in 2015 to replace Safe …
There’s a lot to consider when starting your own business, and with almost all your resources focused on recouping your investment, it’s understandable that you might not consider information security a top priority. Indeed, you might reason that spending money …
