The NHS Test and Trace Programme leaves no doubt that it involves the processing of personal data on a large scale. The service, established to form a central part of the government’s coronavirus recovery strategy, was formally launched on the 28th of May 2020. The aim of this service is to help identify, contain […]
Once you have successfully attained Cyber Essentials Plus (CE+) certification and the celebrations are over, what do you do? Do you just sit back and be happy that CE+ has been achieved or do you build upon it? Well, it all depends on why you undertook to achieve CE+ in the first place. Many companies […]
Certifying to Cyber Essentials Plus Although many organisations pursue Cyber Essentials Plus (CE+) certification in order to meet public sector contract requirements, there are numerous other benefits of Cyber Essentials Plus. These are self-evident to most information security professionals, but in case you’re struggling for words, here they are. Reassure customers that you are working […]
The EU-US Privacy Shield was invalidated on the 16th of July 2020 by a ruling of the EU Court of Justice (CJEU). The ruling was made in the case known as Schrems II (C-3111/18). This case challenged the processes for personal data transfers between the EU and the US on the basis to hold that […]
Secure your applications to avoid over 43% of breaches Did you know the primary applications used by most businesses are web applications (i.e. websites)? Attacks against web applications are attacks on the application layer. Verizon’s 2020 data breach report suggests web applications were involved in 43% of known breaches. Statistics cannot be used to account […]
ISO 27001 Accreditation Bodies UK Before choosing an ISO certification body for your ISO 27001 certification you need to understand the reasons for obtaining the certificate. Many clients want the ISO certificate to demonstrate to clients and partners that they take information security seriously. Others have requirements for certification to allow them to bid for […]
We’re proud to announce this new service. Risk Crew, the elite group of information security governance, risk & compliance experts, and the forerunners in the design & delivery of innovative & effective solutions, has released Risk-driven Application Security Testing Services. What is the service for? The Risk-driven Application Security Testing Service is a proven process […]
Did you know that human error caused 90% of UK data breaches in 2019, according to the ICO? Register for this free webinar and find out how to mitigate this imminent threat with current best practices and training methods for the workplace – whether that is in the office or at home. Plus you’ll get […]
There are many questions around why a Data Protection Officer (DPO) is needed and what their role is in an organisation. In this post, I’ll answer common questions that have been asked by organisations seeking to comply with the GDPR and DPA and by those looking to take on a DPO role. What is the […]