4 Business Questions About IoT Devices

Are your IoT devices secure? Internet of things (IoT) devices have seen year-on-year increases in business and personal use because they are usually convenient and easy to use. IoT devices are used for various purposes, from making smart homes to implementing a business’s security system. As with all internet-connected […]

Cyber Supply Chain Risk Management – Should Penetration Testing be Required?

Let us begin by describing how to approach Cyber Supply Chain Risk Management (C-SCRM) and the risks your vendors pose to you. Then we will discuss whether you should require them to show evidence that penetration testing was conducted and what remediations were taken. C-SCRM in a nutshell: For simplicity let us split suppliers into […]

Shut Down the 5 Deadliest Web Application Attack Vectors

Web applications are an essential component of any modern business. They can help convey the company vision, advertise services and deliver content to customers. Regardless of their use, they are a necessity to make oneself or a business known to the world. However, as beneficial as they can be, they can also be a double-edged […]

Conducting DPIAs: The Key to Unlocking Data Protection Compliance Webinar

Why else should you attend the webinar? You’ll not only receive expert insight into triggers and mistakes to avoid but will have the opportunity to ask your pressing questions surrounding the DPIA tool – which is the key to DPA and GDPR compliance. What else will be covered on DPIAs? The 4 objectives for […]

3 Triggers for Conducting a DPIA

Here’s a funny thing – recital 84 of the EU’s GDPR legislation states “…where processing operations are likely to result in a high risk to the rights and freedoms of natural persons, the controller should be responsible for the carrying-out of a data protection impact assessment…”. Paragraph 1 of Article 35 says pretty much the […]

Personal Data Deletion Done the Right Way

Are you managing personal data deletion correctly under the DPA and GDPR? Does everyone in your organisation know what to delete and when to delete? It might seem like an easy task but many still struggle with this. The deletion of 213,000 UK police records due to incorrectly flagged files for deletion is a good […]

4 Simple Security Testing KPIs

Cyber security is a journey and not just a destination. In the ever-changing security landscape, regular testing and mitigation are required. To prevent testing efforts from feeling like a sinkhole on time and funding, mechanisms can be used to track the output of testing to show progress and motivate internal teams to improve their practices. […]

Risk Crew