When organisations begin their ISO 27001 certification project, they must prove their compliance with appropriate documentation. That involves documenting your information security risk assessment process. In this blog, we explain how you can do that. Elements of the ISO 27001 risk assessment …
Under the GDPR (General Data Protection Regulation), a lawful basis must be documented when organisations process personal data. But what is a lawful basis for processing? Do you always need individuals’ consent to process their data? And what exactly are …
As organisations start to consider life after COVID-19, they’ll realise that it’s not as simple as putting everything back the way it was in the Before Times. That ship has sailed. There have simply been too many benefits to remote …
There was widespread panic on Tuesday after a major Internet outage knocked dozens of websites offline. Amazon, Reddit and Twitch were all affected, as were the Guardian, the New York Times and the Financial Times. Additionally, the UK government website …
The documentation of processing activities is a new legal requirement under the EU GDPR (General Data Protection Regulation). Documenting your processing activities can also support good data governance, and help you to demonstrate your compliance with other aspects of the …
The EU GDPR (General Data Protection Regulation) requires certain organisations to appoint a DPO (data protection officer) to comply with the Regulation. However, a shortage of DPOs means many organisations appoint staff to act as DPOs without the proper level of expertise, experience or qualifications. The …
Welcome to June’s review of phishing scams, in which we look at the criminals’ latest tactics and provide examples of successful frauds. This month, we look at a scam in which victims are sent a cryptic email asking if they …
Cyber Essentials is a UK government scheme that outlines the basic steps that organisations can take to secure their systems. Implementing its five controls effectively will help you prevent about 80% of cyber attacks. In this blog, we take a …
For the second month in a row, ransomware has dominated our list of data breaches and cyber attacks. Of the 128 publicly disclosed incidents that we discovered in May, more than 40% of them were ransomware attacks. But, of course, …
UK police forces experienced 2,386 data breaches in 2020, according to data gathered by VPNoverview. The information was made available following a Freedom of Information request, which 31 of the UK’s 45 police forces responded to, and includes several concerning …
