Hackers Found Exfiltrating Corporate Data Using Video

ddos-attack-protection-plan

As more and more organisations are stepping up their security, cyber criminals are being forced to improve their methods of committing cyber crimes. Security experts at Skyhigh Networks have discovered an instance of cyber criminals using video sharing services to tunnel sensitive data out of organisations. No, they’re not videoing each document and uploading it […]

Earn money with IT Governance’s affiliate programme

ITG-logo_small

IT Governance has been running strong for 13 years now, and in that time we’ve established ourselves as the one-stop shop for comprehensive corporate and IT governance information, advice, guidance, books, tools, training and consultancy. Interested in earning some money by referring people to us? It’s available if you want it – all you need […]

Meet your regulatory obligations first, says ISO/IEC 27001:2013

Legal

For those who are transitioning from ISO27001:2005 to ISO27001:2013, the new standard is clear that the selection of controls should be determined through the process of risk assessment and treatment, and not only from Annex A. Clause 4.2 of ISO27001:2013 specifically details the importance of the needs and expectations of interested parties: “The organisation shall determine […]

Are we all project managers now?

blog-standards

Modern life is full of complexity – we all undertake many different tasks at home and at work. In a sense, we all function as project managers, whether it is planning a holiday for our families or planning a major new initiative at work. We often don’t realise we are using the basic skills of […]

Data breaches: are we in danger of crying wolf too many times?

file0001933248468

Most people have heard the fairy tale of The Boy Who Cried Wolf from Aesop’s Fables, in which a young shepherd repeatedly cries wolf to trick nearby villagers into thinking a wolf is attacking his flock. Of course, when a wolf does actually attack his flock, his cries for help go unheeded. Thinking about this […]

AXELOS extends the contracts of six examination institutes

Side view of two blurred businessmen talking in conference room

AXELOS®, owners of the ITIL® and PRINCE2® Global Best Practice methodologies, has extended the contracts of six examination institutes. APMG, BCS, CSME, EXIN, Loyalist, and PeopleCert have had their contracts for offering exams for AXELOS’s Global Best Practice portfolio extended for three years from January 2015. In a press release on AXELOS’s website, they explained […]

Free webinar: Conducting an information security risk assessment with vsRisk

blog-standards

Risk assessments are an essential component of effective information security management: only by adequately evaluating the threats you face will you be able to establish a suitable security posture that can protect your organisation’s critical data assets – and profits. PwC’s 2014 Global State of Information Security Survey found that the number of detected incidents […]

HMRC phishing scam exposed!

iStock_000024086772XLarge

If you receive an email offering a tax rebate and think it’s too good to be true, it is. HM Revenue and Customs has reported a massive increase in phishing emails purporting to offer rebates to taxpayers. 74,743 scam emails were reported to HMRC between April and September this year, a 70% increase on the […]