information security

A framed certificate hanging on an office wall, slightly out of focus, with a laptop screen showing a security alert in the foreground

Does Your ISO 27001 Certificate Mean You’re Secure?

After I published my recent piece on the GCHQ Director’s Bletchley Park lecture, a fellow practitioner left a comment that I’ve been turning over in my head ever since. It’s a question about ISO 27001 certification and what it really proves about security that deserves more than […]


Graphic quoting GCHQ Director Anne Keast-Butler's 2026 Annual Lecture at Bletchley Park: "From boardrooms to living rooms" — Cambridge Risk Solutions commentary

“From Boardrooms to Living Rooms”: What the GCHQ Director’s Bletchley Speech Really Said

It’s rare for the Director of GCHQ to speak in public. Anne Keast-Butler said as much herself this morning, standing at Bletchley Park to deliver the first annual GCHQ lecture. The fact that she felt compelled to do so tells you something


Empty distribution warehouse with idle conveyor belt and lone worker facing a blank screen — illustrating the operational impact of a cyber incident

M&S just told us exactly what a cyber incident costs. Are you ready for yours?

M&S just told us exactly what a cyber incident cost a UK business. Are you ready for yours? Yesterday, Marks & Spencer published its full-year results. Profits down 23.8%. Fashion and home revenue down 7.7%. £131 million in direct costs attributed to a single cyber incident. And all of it traceable back to a third-party


A blurred figure walks past rows of colour-coded medical records files in a hospital records room

48 staff. No dismissals. No ICO investigation. The Southport records breach tells us everything we need to know about insider threat.

When the news broke this week that 48 NHS staff had inappropriately accessed the medical records of Southport attack victims — and that the highest sanction any of them received was a final written


How to Audit Information Security Effectively

In today’s digital landscape, safeguarding sensitive data is a top priority for every organisation. Conducting an internal audit of information security is a crucial step in identifying vulnerabilities, ensuring compliance, and strengthening overall security measures. This guide outlines the essential steps to effectively audit information security and implement best […]


ISO 27001 pdf – is it free?

It is interesting to note the number of searches for ISO 27001 pdf, or even the number of searches for a free version of the standard. This presents some interesting questions and considerations, not least those of ethics! Regardless of the fact that most ISO standards are derived by a group of volunteers, the copyright […]
