We are now becoming so used to data breaches that only the most spectacular example receive much attention. Usually they are spectacular because of the sheer volume of data, such as the Yahoo! breach of 2013; but on this occasion the newsworthy feature of the attacks is the sensitivity of the data that was compromised. [...]
The Chairman and CEO of Equifax yesterday became the latest executive to “retire” in the wake of the enormous data breach announced on 7th September; the CIO and CSO having already “retired” two weeks ago. The previous “retirements” coincide with the bottoming out of a steep fall in share price (roughly 33% or $5b) following [...]
The International Organization for Standardization (ISO) published the results of their 2016 survey last week and there are big rises in the number of certifications for both ISO 22301 and ISO 27001. By the end of 2016 there were a total of 3853 organizations globally certified to ISO 22301, a rise of 23% from 2015. [...]
A short article with some top tips for the successful implementation of ISO 27001:2013. Based on practical experience, and an enviable track record in assisting clients through to certification, this article gives highlights some critical steps to take in the route to ISO 27001 accreditation.
A quick surf of the internet lists many articles demonstrating how ISO 27001 can help you to be ready for General Data Protection Regulation (GDPR) and the Data Protection Act 2018, usually from companies only too glad to help you implement ISO 27001. In this article, I would like to take a slightly different tack, [...]
There has been significant debate about the overlap of ISO 22301 (Business Continuity ) and ISO 27001 (Information Security). This article clarifies whether one standard or management system would provide reassurance for both disciplines.
The Information Commissioner’s Office (ICO) released its 2016/17 annual report on 13th July, which showed another steep rise in the number of data protection incidents. There were a total of 2565 self-reported data protection incidents in 2016/17, an increase of over 30% from the previous year. Once again the top sectors, by number of incidents, [...]
A quick summary of the cyber news today, and it is clear that the same key lessons are emerging as have already been noted this week. Indian restaurant guide, Zomato, is reporting the theft of data of some 17 million users. From the phrasing in their blog, it appears that they have just found the breach, [...]
There has understandably been much focus, over the last few days, on information security in the NHS. Whilst there is still no suggestion that any patient data was breached in the recent ransomware incident, breaches of patient data remain a global problem within the healthcare sector: over 30 million patient records were breached in the [...]
Hot on the heels of the massive ransomware attack on 12 May 2017, reports are emerging of ransomware attack on Disney. Unlike the Wannacry attack, which has impacted over 200,000 computers in 150 countries, the Disney attack has been deliberately targeted, with hackers threatening to release segments of the new Pirates of the Caribbean film [...]