Please consider updating your browser. Some parts of the website may not function as intended.

Beware the Coronavirus Phishing Attacks

Coronavirus Phishing

On top of everything else to contend with you also need to be especially vigilant to COVID-19 based phishing emails – we talked about phishing emails generally in a previous blog post “Why you should fear the spear” I’ll refrain from expressing fully the contempt that all decent thinking people must feel towards those wishing […]

Working from Home? Don’t Forget Information Security.

working remotely information security

So COVID-19 or the Corona Virus as it’s still commonly referred to is really beginning to bite now, our news media outlets are immersed in the subject 24/7 so I won’t burden you with yet more facts and figures. We won’t be trying to clumsily shoehorn a sales message into this piece. Instead, we thought […]

4 Key Areas to ISO 27001 Compliance

ISO-27001-Compliance

Many things that are important in getting ISO 27001 compliant but in this blog post, I’ve narrowed it down to just 4 key areas. Trust me. By focussing on these objectives, you will greatly simplify your journey. Make it relevant First things first. You need to make it relevant. People will be more supportive if […]

Ready for Red Team Testing?

Are you ready for Red Team Testing

Are you considering conducting Red Team testing in 2020? Have you ever conducted one? It’s a New Year, maybe its time for a new approach – a more holistic approach to assessing your information security controls from the perspective of an adversary. But are you ready? Simply put, Red Team testing is a methodology for […]

Top 3 Areas Many Fail in an ISO 27001 Audit

ISO 27001 Audits can be stressful for those involved as a lot riding on the audit’s outcome. This is especially true if it’s the organisation’s first audit and there’s a compelling commercial reason to achieve ISO 27001 certification. Heads might roll if they don’t pass the audit. The ISO certification audit comes in two stages […]

Don’t be Vulnerable to Vishing – Identify and Mitigate Risk

Vishing

In this post, you’ll learn why vishing is successful and what you can do to mitigate the risk of being vished. Vishing is a form of social engineering. Much like phishing, it can be used to manipulate people into giving away usernames, passwords and sometimes bank details. Vishing: Exploitation by voice commands Vishing is the […]

When Should You Conduct a DPIA?

DPIA

Sometimes we get in the mode of doing something out of procedure without a true understanding of why it’s important and the true benefit of the process. Such is the case with the DPIA (Data Protection Impact Assessments) which is pivotal to GDPR compliance. In general, conducting a DPIA will improve awareness in your organisation […]

What’s a Mature Security Awareness Programme?

Security Awareness Programme

Good news. Bad news. The bad news is that cyber security threats to businesses are increasing exponentially every day. But then, you already knew that. The good news is that the best defence against these ever-growing threats is already at work in your business – your staff. In 2019, 60% of the breaches that occurred […]

How to Stay Compliant with the GDPR After Brexit

GDPR Brexit No Deal

With Brexit-no-deal staring us in the face, the big question for the future is what happens next? The UK Government has stated its’ plans to keep the GDPR regulation “as-is” after it has left the Union; therefore companies are advised to maintain compliance with both the GDPR and the UK DPA 2018 even if they […]

2020 Trends that will Dominate Data Privacy

2019 brought a great deal of focus on data privacy; not to mention the variety of new government regulations. With cyber-attacks on the rise not only in size but in sophistication and cost, data privacy remains a very relevant topic. And attacks aren’t going away – an increase of 72% in the average cost of […]

Do NOT follow this link or you will be banned from the site!