Information security policies are essential for tackling organisations’ biggest weakness: their employees. Everything an organisation does to stay secure, from implementing technological defences to physical barriers, is reliant on people using them properly. It only takes one employee opening a phishing email or …
Amid the mad dash for bargains and inevitable stories of shop-floor brawls, Black Friday brings with it a spike in cyber security threats, as cyber criminals take advantage of people desperate for bargains. In this blog, we look at some …
When the UK left the EU on 31 January 2020 – sparking a transition period that ends on New Year’s Eve – there were plenty of questions about how organisations would transfer personal data to and from EU member states. …
When the European Court of Justice invalidated the EU–US Privacy Shield earlier this year, organisations were left unsure about how to legally transfer personal data into and out of the EU. The ruling was made following criticism from the Austrian …
Under the GDPR (General Data Protection Regulation), all personal data breaches must be recorded by the organisation and there should be a clear and defined process for doing so. Additionally, there are circumstances in which schools must report breaches to …
Cyber attackers have been increasingly turning their attention to MSPs (managed service providers) in recent years, with devastating results. MSPs often work with dozens, if not hundreds, of organisations – so a single vulnerability can have far-reaching consequences. You don’t …
A database belonging to Prestige Software – containing over 10 million files – has been found publicly accessible online. Security experts working for Website Planet discovered that the Spanish software firm failed to password-protect an AWS S3 bucket that held …
Each year, certain healthcare organisations must complete a self-assessment via the DSP (Data Security and Protection) Toolkit to demonstrate their data security and information governance compliance. The deadline is normally 31 March, but in light of the COVID-19 pandemic, the cut-off for …
There has never been a better time to start a career in cyber security. Organisations’ reliance on technical solutions has only increased with the global switch to remote working, creating a huge demand for qualified personnel. But it can be …
The EU GDPR (General Data Protection Regulation) requires certain organisations to appoint a DPO (data protection officer) to help them comply with the Regulation. However, a shortage of DPOs means many organisations are appointing staff to act as DPOs without …
