ISO 27001: rocket fuel for your career


ISO/IEC 27001:2013 is acknowledged as the de facto global information security management standard. Helping organisations throughout the world protect themselves from the risks of cyber crime, ISO 27001 delivers significant competitive advantages to a business of any size. How can you start helping your company achieve the benefits of ISO 27001? Or, indeed, get started […]

Three qualifications information security professionals should consider

Use the default Apple iOS Mail app on your iPhone, iPad or iWatch? Careful now…

A recent article in Information Security Magazine summarises the findings of a new global report by RAND Corporation, titled “The Defender’s Dilemma: Charting a Course Toward Cybersecurity”. Although it focuses more on the challenges CISOs face, the report also offers some useful conclusions that, to my mind, every organisation should take into account. As described […]

Five free compliance resources for information security professionals


In today’s complex regulatory environment, and with increasing scrutiny of their information security and data protection practices, organisations cannot afford to be complacent. This puts more pressure on those individuals within the organisation who are responsible for ensuring information is safe and compliance is maintained. Here are five free resources that can help information security […]

Five reasons to choose the ISO 27001 Documentation Toolkit


Implementing the global information security standard ISO 27001 is a great way of protecting your information assets. Creating an information security management system (ISMS) aligned with the Standard will help you build robust cyber defences, improve how you manage data and help you meet your compliance obligations. The most complex part of any ISO 27001 […]

Don’t have an information security awareness programme? You’re not alone


Phishing scams, dodgy attachments, weak passwords, websites without security certificates, using your mobile for work purposes… the list of potential sources for security breaches is endless. When it comes to information security, do you know what your role is, and what you should or shouldn’t be doing? Does your business have an information security awareness […]

Only 25% of directors are actively involved in reviewing security and privacy risks

Banks demand law firms do more to protect their information

PwC’s 2015 Global State of Information Security Survey reveals that 50% of organisations now have cyber insurance to protect themselves against cyber risks and the misuse of personal data. This statistic supports the commonly accepted view that cyber risks will only continue to increase in potency and impact. In fact, the number of respondents that […]

Employees are the most-cited culprits of infosec incidents

Shocking cyber security stats

According to PwC’s Global State of Information Security® Survey 2015, employees have become the most-cited culprits of information security incidents – whether intentionally or not. The percentage of respondents who pointed at current employees as the cause for incidents has jumped by 10% since 2013. Moreover, 32% of the respondents of the 2014 US State […]

Having a ‘head for business’ essential for information security


In this interview we talk to Maldar Ali, Information Security Risk Leader of EMEA at a leading financial services firm in the United Kingdom.  1. Maldar, welcome and thank you for participating in this interview. What do you believe is the biggest threat to information security today? There are many threats, such as APTs, but I […]

Ignorance responsible for 70% of staff-related breaches

Phishing attacks remain a serious concern for organisations around the world.  No matter how much an organisation invests in firewalls, antivirus software or malware protection, all too often the weak link in the security chain is the human element. Employees are increasingly becoming the hapless targets of elaborate phishing scams, and the volume of such […]