A Ponemon Institute survey has found that 95% of organisations will be performing a cyber security risk assessment in the next 12 months. It’s no wonder this figure is so high, given that risk assessments are essential to identifying potential …

This week, we discuss an alert from the NCSC, US DHS and FBI, a £120,000 fine for the Royal Borough of Kensington and Chelsea, and a data breach at IKEA’s TaskRabbit marketplace. Hello and welcome to the IT Governance podcast …

ISO 20000 is an IT service management (ITSM) standard that ensures an organisation’s ITSM processes are aligned with international best practice, as well as the needs of the organisation itself. This standard helps organisations benchmark how their managed services are …

A Public Account Committee (PAC) released its latest report today, reviewing the impact and response to the WannaCry cyber attack targeting healthcare. The attack in May 2017 affected 80 of the 236 NHS Trusts, and 603 NHS organisations overall across …

An integral part of your EU General Data Protection Regulation (GDPR) compliance project is producing appropriate documentation, which includes a personal data breach notification procedure. If you’re just beginning your GDPR project, it’s unlikely that you’ll be fully compliant by …

As most health and social care organisations will be aware, the Data Security and Protection (DSP) Toolkit replaced the Information Governance (IG) Toolkit from April 2018 as the compliance standard for any organisation looking to access NHS networks. Although the …

Last week the National Cyber Security Centre (NCSC) and the National Crime Agency (NCA) released their annual report on the cyber threats facing UK businesses. The report examines how cyber activity has impacted UK businesses over the past 12 months …