The past three years of Brexit negotiations have largely proved William Goldman’s adage that “nobody knows anything”. No one can tell you what Brexit will entail and very little has been finalised. Sure, there has been a flurry of recent …
Anti-malware technology is one of the most basic cyber security mechanisms that organisations should have in place, but according to IT Governance’s 2019 Cyber Resilience Report, 27% of respondents haven’t implemented such measures. This finding is even more surprising given …
IT Governance, part of GRC International Group, is looking to recruit recent graduates with degrees or non-graduates with demonstrable skills and knowledge in either Networking, Digital Forensics, Ethical Hacking or Computer Science with strong technical knowledge of networking to become …
The EU GDPR (General Data Protection Regulation) grants data subjects the right to access their personal data. This is known as a DSAR (data subject access request). Subject access requests are not new, but the GDPR introduced several changes that make …
A security researcher has identified major flaws in many organisations’ DSAR (data subject access request) procedures. James Pavur contacted dozens of UK and US-based companies to request personal information about his fiancée in order to see how they would respond. …
The first 72 hours after you discover a data breach are critical. Why? The EU GDPR requires all organisations to report certain types of personal data breach to the relevant supervisory authority. More specifically, Article 33 dictates that, in the event …
The digital bank Monzo has told 480,000 customers to change their PINs after it discovered an error that allowed unauthorised staff to view sensitive information. Monzo said that it normally stored PINs in a “particularly secure” part of its systems …
Organisations that accept online payments must urgently address the threat of web-based skimming, the PCI SSC (Payment Card Industry Security Standards Council) has warned. The alert, issued in partnership with the Retail & Hospitality ISAC (information sharing and analysis centre …
Does the idea of being paid to hack into organisations’ systems sound appealing? Why wouldn’t it? The pay is good, it’s creative and you get to test your skills every day. But we’re not advocating that you break the law. …
To maintain compliance with ISO IEC 27001 (ISO 27001), you need to conduct regular internal audits. An ISO 27001 internal audit will check that your ISMS (information security management system) still meets the requirements of the ISO 27001 standard. Regular audits …
