Whether you’re an existing Cyber Essentials or Cyber Essentials Plus certificate holder or not, you may be aware that the certification process is going through some changes – these are almost exclusively related to the accreditation process rather than the actual elements of the certification and framework – we’ll walk you through all of it. […]
08
Apr
Apr
If you are looking to book your next penetration test and your prime consideration is getting the cheapest and quickest one available, simply because you need to tick a box, then this blog piece isn’t for you. If, on the other hand, your main concern is gaining a comprehensive picture of the security of your […]
30
Mar
Mar
In our recent webinar, ‘6 Things to do to Meet GDPR 3rd Country Requirements’, we provided information on how data privacy requirements may change and why organisations should prepare now. The webinar ended with a Q&A session with our data privacy and protection expert, Ursula Baye. In this post, we list the answers to those questions asked […]
16
Mar
Mar
So COVID-19 or the Corona Virus as it’s still commonly referred to is really beginning to bite now, our news media outlets are immersed in the subject 24/7 so I won’t burden you with yet more facts and figures. We won’t be trying to clumsily shoehorn a sales message into this piece. Instead, we thought […]
09
Mar
Mar
Many things that are important in getting ISO 27001 compliant but in this blog post, I’ve narrowed it down to just 4 key areas. Trust me. By focussing on these objectives, you will greatly simplify your journey. Make it relevant First things first. You need to make it relevant. People will be more supportive if […]
25
Feb
Feb
ISO 27001 Audits can be stressful for those involved as a lot riding on the audit’s outcome. This is especially true if it’s the organisation’s first audit and there’s a compelling commercial reason to achieve ISO 27001 certification. Brand identity may be negatively affected if the business doesn’t pass. In this article, we explore the […]
17
Feb
Feb
In this post, you’ll learn why vishing is successful and what you can do to mitigate the risk of being vished. Vishing is a form of social engineering. Much like phishing, it can be used to manipulate people into giving away usernames, passwords and sometimes bank details. Vishing: Exploitation by voice commands Vishing is the […]
10
Feb
Feb
Data protection impact assessments (DPIAs) are a legal requirement for GDPR, to ensure people’s private and sensitive data remains secure and isn’t misused. In this article, our security experts explain when you should conduct a DPIA and the benefits to you of doing so. When might a data protection impact assessment be used? DPIAs are […]
27
Jan
Jan
With Brexit-no-deal staring us in the face, the big question for the future is what happens next? The UK Government has stated its’ plans to keep the GDPR regulation “as-is” after it has left the Union; therefore companies are advised to maintain compliance with both the GDPR and the UK DPA 2018 even if they […]
20
Jan
Jan
2019 brought a great deal of focus on data privacy; not to mention the variety of new government regulations. With cyber-attacks on the rise not only in size but in sophistication and cost, data privacy remains a very relevant topic. And attacks aren’t going away – an increase of 72% in the average cost of […]