Practical, Cost Effective and award-winning

Business Continuity, Crisis Management & Information Security Solutions

Phone:

0800 035 1231 (Mon to Fri 9am – 5pm)

36B Market Street, New Mills

Derbyshire, SK22 4AA, United Kingdom

There appears to have been a big rise in the number of organisations certifying to the Cyber Essentials standard over the last three months.  Data from the four certifying bodies in August 2017 revealed that nearly 4600 organisations were certified at that stage, but this has now risen to over 5500; an increase of more [...]

Extremely Sensitive Data Breaches

We are now becoming so used to data breaches that only the most spectacular example receive much attention.  Usually they are spectacular because of the sheer volume of data, such as the Yahoo! breach of 2013; but on this occasion the newsworthy feature of the attacks is the sensitivity of the data that was compromised. [...]

According to the Business Continuity Institute's (BCI) inaugural Information Security Report, 15% of organisations "lost sensitive data" in the last 12 months. Indeed the actual figure could be higher, as a further 15% don't know if they did or didn't. Whatever the precise figure, it is broadly in line with a report from IBM in [...]

The October 2015 data breach at TalkTalk, resulting in the theft of personal data of almost 157,000 customers and a record £400 000 fine, has been widely reported  here and elsewhere.  However, another serious breach has not been so widely reported. TalkTalk began investigating in September 2014, after  receiving complaints from customer that they were [...]

ISO 27001 READINESS FOR GDPR

A quick surf of the internet lists many articles demonstrating how ISO 27001 can help you to be ready for General Data Protection Regulation (GDPR), usually from companies only too glad to help you implement ISO 27001.  In this article, I would like to take a slightly different tack, and look at some of the [...]

The Information Commissioner’s Office (ICO) released its 2016/17 annual report on 13th July, which showed another steep rise in the number of data protection incidents. There were a total of 2565 self-reported data protection incidents in 2016/17, an increase of over 30% from the previous year. Once again the top sectors, by number of incidents, [...]

Two weeks ago the ICO announced that it had fined a senior barrister £1000 for failing to keep clients' sensitive personal information secure.  The ICO explained that the barrister had kept sensitive information on 250 clients on a home computer without using any encryption.  Then, during an update of software on the computer, files were [...]

The Information Commissioner’s Office (ICO) announced yesterday that it had fined a private health company, HCA International Ltd, £200 000 for failing to keep fertility patients’ personal information secure. Back in April 2015, a patient found that transcripts of interviews with Lister Hospital IVF patients could be freely accessed by searching online.  A subsequent ICO [...]

The European Court of Justice yesterday ruled that the Safe Harbour scheme “enables interference, by United States public authorities, with the fundamental rights of persons” following a privacy campaign against Facebook by Max Schrems, a campaigning Austrian law student. Is it possible that this ruling could have implications for companies with ISO27001? In Europe, personal data [...]