A short article with some top tips for the successful implementation of ISO 27001:2013. Based on practical experience, and an enviable track record in assisting clients through to certification, this article highlights some critical steps to take on the route to ISO 27001 accreditation.
A quick surf of the internet lists many articles demonstrating how ISO 27001 can help you to be ready for General Data Protection Regulation (GDPR), usually from companies only too glad to help you implement ISO 27001. In this article, I would like to take a slightly different tack, and look at some of the [...]
There has been significant debate about the overlap of ISO 22301 (Business Continuity) and ISO 27001 (Information Security). This article clarifies whether one standard or management system would provide reassurance for both disciplines.
The Information Commissioner’s Office (ICO) released its 2016/17 annual report on 13th July, which showed another steep rise in the number of data protection incidents. There were a total of 2565 self-reported data protection incidents in 2016/17, an increase of over 30% from the previous year. Once again the top sectors, by number of incidents, [...]
A quick summary of the cyber news today, and it is clear that the same key lessons are emerging as have already been noted this week. Indian restaurant guide, Zomato, is reporting the theft of data of some 17 million users. From the phrasing in their blog, it appears that they have just found the breach, [...]
There has understandably been much focus, over the last few days, on information security in the NHS. Whilst there is still no suggestion that any patient data was breached in the recent ransomware incident, breaches of patient data remain a global problem within the healthcare sector: over 30 million patient records were breached in the [...]
Hot on the heels of the massive ransomware attack on 12 May 2017, reports are emerging of a ransomware attack on Disney. Unlike the WannaCry attack, which has impacted over 200,000 computers in 150 countries, the Disney attack has been deliberately targeted, with hackers threatening to release segments of the new Pirates of the Caribbean film [...]
What a start to Business Continuity Awareness Week! The theme for this year is 'Cyber Resilience', and the week has started with the investigations and continued fall-out from what has possibly been the world's largest cyber security event which occurred on Friday afternoon. A ransomware attack has spread throughout 150 countries, infecting more than 200,000 [...]
It was announced last week that the Information Commissioner's Office (ICO) had fined the insurance company Royal Sun Alliance £150 000 for the loss of a hard drive containing names, addresses and bank account details of 60 000 customers. The device was stolen from RSA's offices in West Sussex but it is not known whether [...]
Some 40,000 Tesco bank accounts have been frozen following online fraud attacks, with money taken from some 20,000 customers. Social Media comments have been made since Saturday when the fraudulent activity was first spotted. A statement has been released by the Chief Executive, Benny Higgins, explaining why action has been taken to temporarily stop online [...]