Cyber Security Archive
60% of respondents saying they thought an employee will accidentally breach sensitive data in the next year. That’s a higher than the proportion of people who expect to suffer a cyber attack (46%), yet organisations continue to plough resources into cyber crime prevention while overlooking the threat of insider incidents. Let’s take a look at some of …
This book is intended to be an introduction to the risks involved in Cloud sourcing, to enable managers to ask the right questions. Suggestions are offered for the kind of risks an organisation’s use of the Cloud might generate, and …
The information security industry is full of jargon, but luckily most terms only crop up when you’re dealing with specific, technical topics. However, there’s one common but surprisingly complex phrase that often appears without further explanation: ‘cyber security incident’. You might assume it’s simply a euphemism for organisations that don’t want to say ‘we’ve suffered a data breach’. That’s kind of true, but it’s also a …
A key corporate governance objective is to ensure that the organisation has an appropriate balance of risk and reward in its business operations and, as a consequence, enterprise risk management (ERM) increasingly provides a framework within which organisations can assess and …
This week marks the beginning of ECSM (European Cyber Security Month) 2019, an initiative run by ENISA (the European Union Agency for Cybersecurity), the European Commission DG CONNECT and partners to promote the importance of cyber security and highlight the steps that can be taken to mitigate cyber security risks.
Technological innovation has revolutionised business. Things like Cloud computing and the rise of remote working have made our jobs more flexible than ever, but it’s not only home workers who reap the benefits, as the rise of BYOD (bring your own device) policies has shown.
There’s a new standard for data privacy – ISO 27701. It’s the first document in the ISO 27000 series dedicated to privacy, explaining how organisations can create a PIMS (privacy information management systems) and meet best practices outlined in regulations such as the GDPR (General Data Protection Regulation).
An extract from ISO 27001 controls – A guide to implementing and auditing. An ideal book for anyone implementing or auditing an ISO 27001- compliant ISMS (Information Security Management System).
Risk assessments are one of the most important parts of an organisation’s ISO 27001 implementation project. The process can be tricky, but this blog simplifies the process by breaking it down into five easy-to-follow steps.
Kaspersky Lab’s latest report on phishing found that attacks have jumped 16% in the second quarter of 2019, compared to the same quarter in 2018. Cyber criminals are continuing to take advantage of the trust between individuals and companies by using fake registration, subscription and feedback forms to get victims to reveal their personal details. Looking at …
