Emma Bordessa, Author at IT Governance UK Blog

Do your employees care about cyber security?

Emma Bordessa 29th March 2019 Cyber Security, Staff Awareness

A recent report has found that just 15% of IT decision makers in small organisations “completely agree” that their employees have a good understanding of cyber security, and 20% believe their employees don’t care about cyber security at all. What’s …

[Continue Reading...]

An exclusive interview with a CISO

Emma Bordessa 15th March 2019 Cyber Security

Earlier this month we caught up with Geraint Williams, CISO for GRC International Group plc, to find out more about information security and how he raises awareness within the workplace. Watch the video below to hear what Geraint had to …

[Continue Reading...]

58% increase in companies affected by BEC attacks

Emma Bordessa 21st December 2018 Cyber Security, Financial Services, Staff Awareness

Data from Lloyds Bank has revealed a 58% increase in BEC (business email compromise) attacks in the year to date. It is important to note that the “true scale of the problem is likely to be much larger” as this …

[Continue Reading...]

Start your cyber compliance journey with vsRisk Cloud

Emma Bordessa 12th October 2018 Risk Management

According to the Cyber Security Breaches Survey 2018, almost half of UK businesses experienced a cyber security breach or attack in the past 12 months. It’s imperative that all organisations conduct risk assessments when preparing and maintaining their cyber security …

[Continue Reading...]

Tips and advice for staying safe in the digital world

Emma Bordessa 2nd October 2018 Cyber Security

With an ever-increasing diversity of digital threats, it is important to understand the risks of going online. Graham Day, author of October’s book of the month, Security in the Digital World, says, “Attackers are slowly discovering all the ways that …

[Continue Reading...]

How to create documentation to comply with the NIS Regulations

Emma Bordessa 23rd August 2018 NIS Regulations

The NIS Regulations (The Network and Information Systems Regulations 2018) were enforced in the UK on 10 May 2018. They aim to improve national cyber security capabilities and increase cooperation between EU member states. Under the NIS Regulations, OES (operators …

[Continue Reading...]

What can we learn from the NHS Digital data breach?

Emma Bordessa 10th August 2018 GDPR, Healthcare

NHS Digital suffered a data breach in July that resulted in the confidential information of 150,000 patients being shared without their permission. The breach affected national data opt-out (formerly type 2 opt-out) patients. National data opt-out is used when patients …

[Continue Reading...]

The GDPR affects the use of email too

Emma Bordessa 3rd August 2018 GDPR, Staff Awareness

Data breaches caused by the misuse of email are becoming common, with a lack of appropriate staff training consistently to blame. The ICO (Information Commissioner’s Office) recently issued a fine of £200,000 to the Independent Inquiry into Child Sexual Abuse …

[Continue Reading...]

Expert guidance for implementing an ISMS

Emma Bordessa 24th July 2018 ISO 27001

An ISMS (information security management system) should be an essential part of any organisation’s information security practices. It consists of a set of policies, procedures and controls that manage threats to your data, such as cyber attacks, hacks, data leaks …

[Continue Reading...]

The business case for ISO 27001

Emma Bordessa 18th July 2018 ISO 27001

Most organisations know the importance of information security, but some struggle to understand what an information security breach would mean from a business management perspective. What is ISO 27001? ISO 27001 is the international standard that describes best practice for an …

[Continue Reading...]

Emma Bordessa Archive