Whether you’re an existing Cyber Essentials or Cyber Essentials Plus certificate holder or not, you may be aware that the certification process is going through some changes – these are almost exclusively related to the accreditation process rather than the actual elements of the certification and framework – we’ll walk you through all of it. […]
If you are looking to book your next penetration test and your prime consideration is getting the cheapest and quickest one available, simply because you need to tick a box, then this blog piece isn’t for you. If, on the other hand, your main concern is gaining a comprehensive picture of the security of your […]
What is a Data Privacy Impact Assessment? When do you need to conduct one? Join us for this pragmatic and informative webinar hosted by our Data Privacy & Protection expert, Ursula Baye. Ursula discusses the goals and objectives of this critical data protection requirement. She walks you through a simple step-by-step demonstration of how to […]
Both the UK Data Protection Act 2018 and General Data Protection Regulation (GDPR) require organisations to document how they process and transfer personal data from one location to another. And it’s the first critical step in conducting a Data Protection Impact Assessment (DPIA) to identify and address the associated security risks in this process. Join […]
In our recent webinar, ‘6 Things to do to Meet GDPR 3rd Country Requirements’, we provided information on how data privacy requirements may change and why organisations should prepare now. The webinar ended with a Q&A session with our data privacy and protection expert, Ursula Baye. In this post, we list the answers to those questions asked […]
So COVID-19 or the Corona Virus as it’s still commonly referred to is really beginning to bite now, our news media outlets are immersed in the subject 24/7 so I won’t burden you with yet more facts and figures. We won’t be trying to clumsily shoehorn a sales message into this piece. Instead, we thought […]
Many things that are important in getting ISO 27001 compliant but in this blog post, I’ve narrowed it down to just 4 key areas. Trust me. By focussing on these objectives, you will greatly simplify your journey. Make it relevant First things first. You need to make it relevant. People will be more supportive if […]
Are you considering conducting Red Team testing? Have you ever conducted one? Maybe it’s time for a new approach – a more holistic approach to assessing your information security controls from the perspective of an adversary. But are you ready? Simply put, Red Team testing is a methodology for confirming the effectiveness of the controls […]
ISO 27001 Audits can be stressful for those involved as a lot riding on the audit’s outcome. This is especially true if it’s the organisation’s first audit and there’s a compelling commercial reason to achieve ISO 27001 certification. Brand identity may be negatively affected if the business doesn’t pass. In this article, we explore the […]
In this post, you’ll learn why vishing is successful and what you can do to mitigate the risk of being vished. Vishing is a form of social engineering. Much like phishing, it can be used to manipulate people into giving away usernames, passwords and sometimes bank details. Vishing: Exploitation by voice commands Vishing is the […]