As discussed in our previous blog post: 4 Working from Home Security Tips, many organisations have changed the way they connect and communicate in their new working from home (WFH) environments. Therefore, organisations must adjust data protection controls to account for changes that the pandemic has brought in our new working environments. The development of COVID-19 […]
In 2019, the ICO fined Marriott Hotels £99 million under the GDPR for not undertaking sufficient due diligence to secure its systems when it acquired Starwood Hotels Group. This resulted in 339 million unprotected guest records being exposed. Elizabeth Denham, Information Commissioner, stated: “The GDPR makes it clear that organisations must be accountable for the […]
The Covid-19 pandemic made it imperative for organisations to conduct business remotely in order to stay competitive during the UK lockdown. Many have adjusted quickly, changing the way they deliver services, connect and communicate with employees in their new working from home (WFH) environment. HR policies may have been changed to allow for WFH but […]
Are you fully compliant with the GDPR and DPA 2018? Can you prove it? Want to learn more about how to ensure evidence of compliance? If so, this webinar is for you. Register for the webinar: Data Protection: What Constitutes ‘Evidence of Compliance?’ The session covers: Data protection due diligence. How much is enough? […]
Previously known as ‘privacy by design’, “data protection by design and default” has always been part of the UK Data Protection Law. But the key change is with the General Data Protection Regulation (GDPR) now making it a legal requirement. The GDPR requires you to put in place appropriate technical and organisational measures to implement […]
Social engineering can be summed up as hacking the human. Simply put, it is the action of leveraging human frailty – our reaction to urgency, to compliance with perceived figures of authority, to taking information at face value – and using it against us as a way of eliciting information or performing unauthorised actions. Social […]
Do you understand the principle of Data Protection by Design & Default? Does your organisation adhere to this much overlooked data protection requirement? If not, you aren’t alone. Register for the webinar: How to Implement Data Protection by Design & Default The session will cover: What is Data Protection by Design and how do […]
Whether you’re an existing Cyber Essentials or Cyber Essentials Plus certificate holder or not, you may be aware that the certification process is going through some changes – these are almost exclusively related to the accreditation process rather than the actual elements of the certification and framework – we’ll walk you through all of it. […]
CREST Penetration Testing: If you are looking to book your next penetration test and your prime consideration is getting the cheapest and quickest one available, simply because you need to tick a box, then this blog piece isn’t for you. If, on the other hand, your main concern is gaining a comprehensive picture of the […]