Risk Management Archive
What do Microsoft, Verizon, Apple, Google, Intel, and Amazon have in common? As well as all being Fortune 500 companies, they are all ISO 27001 certified. With a global growth rate of 20%, ISO 27001 has become the de facto …
Sharon O’Reilly, GRC/GDPR consultant at IT Governance Europe, was interviewed by The Sunday Business Post before her appearance today at the GDPR Summit. She discussed the challenges facing organisations in the lead-up to the General Data Protection Regulation (GDPR). …
The Irish government has published its highly anticipated 2018 Data Protection Bill. The Bill, which broadly follows the general scheme released in May 2017, incorporates Ireland’s national implementing measures required under the General Data Protection Regulation (GDPR) as well as …
With the rise in cyber attacks and increased risk of a data breach, organisation boards are under more pressure than ever to improve data governance and security. To help organisations ensure that all areas of cyber security are covered, IT …
The Office of the Data Protection Commissioner (ODPC) has claimed that data relating to former and current staff at Independent News & Media (INM), including four journalists and former directors, has been breached. The Office of the Director of Corporate …
Most organisations’ cyber security defences aren’t good enough. How could they be? Even with unlimited money and staff, it is practically impossible to address the constantly emerging and evolving threats. There are unpatched systems, potential malware infections, the threat of …
A Royal Academy of Engineering (RAENG) report has warned that health technology is vulnerable to cyber attacks and that criminal hackers could kill patients by attacking their pacemakers or heart pumps. Experts cautioned that connected health devices, such as pacemakers …
Organisations have a hard enough time preventing phishing attacks, but they are now facing a surge in a subcategory of phishing known as ‘whaling’. According to cyber security provider Smarttech 247, the number of whaling attacks tripled in 2017, with …
If your organisation collects cardholder data, you need to comply with the Payment Card Industry Data Security Standard (PCI DSS). The Standard was designed to help organisations manage card payments securely, and is regulated by major card brands (Visa, Mastercard, …
“No one would want to steal my information.” People often say this to us, but they’re wrong. Every organisation has something worth stealing, whether it’s personal information, payment card data, medical records or intellectual property. Cyber criminals know this and …