ISO 27001: rocket fuel for your career


ISO/IEC 27001:2013 is acknowledged as the de facto global information security management standard. Helping organisations throughout the world protect themselves from the risks of cyber crime, ISO 27001 delivers significant competitive advantages to a business of any size. How can you start helping your company achieve the benefits of ISO 27001? Or, indeed, get started […]

List of data breaches and cyber attacks in September 2015

It’s a big list this month and I don’t think I’ve even scratched the surface. There have been some interesting attacks and revelations this month, including the Imgur DDoS attack and the theft of six million US Government fingerprints. Passwords can be changed but fingerprints can’t. Data breach London’s 56 Dean Street clinic leaks HIV […]

Free download: Assured Security: Getting cyber secure with penetration testing

Keep criminals at bay by regularly testing your website, eliminating vulnerabilities and significantly increasing your resilience to cyber attacks. The evolving nature of cyber threats means that firewalls and automated web scanning solutions are no longer enough to protect your customers’ data. Did you know? 98% of organisations had their web applications compromised over the […]

89% of NHS-accredited health apps leaking personal data


An article published in the BMC Medicine journal earlier this month (Unaddressed privacy risks in accredited health and wellness apps: a cross-sectional systematic assessment) reports that 89% of health apps certified as trustworthy by the NHS Health Apps Library “transmitted information to online services” and none “encrypted personal information stored locally.” Researchers from Imperial College […]

Achieve PCI audit success with these guidelines (download)


As cyber attacks continue to grow, PCI DSS compliance failure rates are coming under the spotlight. The Verizon 2015 PCI Compliance Report revealed that nearly 80% of all businesses fail their interim PCI compliance assessment, leaving them vulnerable to cyber attacks. The report mentions that many organisations’ security measures aren’t slowing attackers down, as demonstrated […]

ISO 9001:2015 now available


ISO 9001, the world’s leading quality management system standard, has just been updated for 2015 to maintain its relevance in today’s marketplace and to continue to offer organisations improved performance and business benefits. With ISO 9001:2015 you can: Introduce an integrated approach with other management system standards Bring quality and continual improvement into the heart […]

Insider threat PSYOPs – know thy employees


This is a guest article written by Stuart Winter-Tear. The author’s views are entirely his own and may not reflect the views of IT Governance. Following on from my last post, in which I noted that a recent security survey revealed that 31% of all information security incidents were employee-related, I wanted to spend a little time on the insider […]