Going Beyond Cyber Essentials Plus Certification

Cyber essentials plus

Once you have successfully attained Cyber Essentials Plus (CE+) certification and the celebrations are over, what do you do? Do you just sit back and be happy that CE+ has been achieved or do you build upon it? Well, it all depends on why you undertook to achieve CE+ in the first place. Many companies […]

How to Choose an UKAS Accredited ISO 27001 Auditor

ISO 27001 Auditing Company

ISO 27001 Accreditation Bodies UK Before choosing an ISO certification body for your ISO 27001 certification you need to understand the reasons for obtaining the certificate. Many clients want the ISO certificate to demonstrate to clients and partners that they take information security seriously. Others have requirements for certification to allow them to bid for […]

How to Maintain ISO 27001 Remotely

In this new business era of virtual working, I have been asked how to maintain your ISO compliance with staff working from home and while it poses some problems, it’s certainly not difficult. The first thing to remember is that ISO 27001 defines the requirements for the Information Security Management System (ISMS). This ISMS has […]

4 ISO 27001 Compliance Key Areas You Should Know

Many things that are important in getting ISO 27001 compliant but in this blog post, I’ve narrowed it down to just 4 key areas. Trust me. By focussing on these objectives, you will greatly simplify your journey. Make it relevant First things first. You need to make it relevant. People will be more supportive if […]

Where do Businesses Fail in an ISO 27001 Audit? Plus Mistakes to Avoid

ISO 27001 Audit Due

ISO 27001 Audits can be stressful for those involved as a lot riding on the audit’s outcome. This is especially true if it’s the organisation’s first audit and there’s a compelling commercial reason to achieve ISO 27001 certification. Brand identity may be negatively affected if the business doesn’t pass. In this article, we explore the […]

Risk Crew Wishes You a Breach Free 2020

Looking back to 2019 and forward to 2020 If our Principal Consultant, Richard Hollis, had his Google Location Services on this year (he hasn’t of course, he’s not that mad!) it would throw up an image similar to what it would look like if you gave a kitten a ball of wool and it started […]

IoT Home “security” cameras: Are you having a laugh!?

IoT Home Security Cameras Amazon Ring

The Amazon Ring Tale “Update: 29/01/2020: so far, when yet more tales of woe (usually regarding the Amazon Ring) come in I have just been adding the stories in the comments section below the original article. However, when an actual Amazon engineer, usually known for their fierce loyalty, sticks their head above the parapet and effectively […]

Why Information Security Awareness Training is Important

a young male using the eRiskology Information Security Awareness elearning portal

Good information security awareness training can turn your workforce into the strongest line of defence instead of the ‘weakest link’.  Around 70 – 80% of all breaches can be attributed to the human element, yet companies often focus their resource of software-based security solutions. Where do we start? If you haven’t already found our post […]

Data Hack: Was Bezos a Bozo?

Picture of a clown with balloons with text on them that relate to the Bezos hacking events

We doubt it, he probably just needs some awareness training You’ve probably heard about Jeff Bezos’ personal and sensitive media being bandied about by the National Enquirer. No need for us to dwell on that, or comment on the US political machinations that could be behind it. Instead, prompted by an article by Rory Cellan-Jones […]

Don’t Go Chasing Information Security Unicorns

You may have noticed that unicorns are in the news a lot of late. Often, they are referred to in relation to Theresa May’s obviously unachievable Brexit ambitions but these are not the only unicorns in the, erm.. unicorn stable. In fact, they come in many different guises: There are the blockchain unicorns – fantastical […]

Risk Crew