Anyone interested in getting into or advancing their career in cyber security probably knows that they will need training and qualifications. But given that the field is so broad, how are you supposed to decide which course is right for …
Norsk Hydro, one of the world’s largest aluminium producers, has been hit by a cyber attack that has knocked out IT systems in facilities across the globe. The Norway-based organisation says the attack began on Monday, 19 March 2019, and is ongoing. Many of its systems are offline, …
ISO 27001 is the international standard that describes best practice for an ISMS (information security management system). The Standard takes a risk-based approach to information security, requiring organisations to identify threats to their organisation and select appropriate controls to tackle …
Earlier this month we caught up with Geraint Williams, CISO for GRC International Group plc, to find out more about information security and how he raises awareness within the workplace. Watch the video below to hear what Geraint had to …
In our last ever podcast, we discuss Citrix’s data breach, the GDPR and cookie walls, data breach notification, and Patch Tuesday. Hello and welcome to the IT Governance podcast for Thursday, 7 March 2019. It’s our last episode, so I …
This blog has been updated to reflect industry updates. Originally published 24 March 2016. Although ISO 27001 is built around the implementation of information security controls, none of them are universally mandatory for compliance. That’s because the Standard recognises that …
IT Governance has been working with gambling operators for more than 15 years, helping them to comply with a range of regulations, so we were interested to see evidence that two of the UK’s biggest gambling trade bodies are set …
The digital landscape is changing quickly, and cyber crime is on the rise. Last year there were 2.3 billion data breaches, compared to 826 million in 2017. With attacks becoming increasingly sophisticated and hard to defend against, they can cost …
This blog has been updated to reflect industry updates. Originally published 6 August 2018. Under the EU GDPR (General Data Protection Regulation), organisations must respond to a serious data breach within 72 hours of becoming aware of it. This places …
For many organisations, last year’s GDPR (General Data Protection Regulation) compliance deadline was a whirlwind of privacy policy updates, data protection training courses and hours spent online researching exactly what a ‘controller’ and ‘processor’ are. In the nine months since, …
