Julia Dutton Archive

In common with all IT professionals, information security specialists are very aware of the importance of qualifications in demonstrating competence to their current and future employers. Information security is a complex, multidisciplinary field, though, and choosing a learning path that …

Since a no-deal Brexit is starting to look more and more likely, the UK government recently released additional guidance to supplement the ICO’s (Information Commissioner’s Office) previous description of the future data protection regime. The government has stated that it will …

This blog has been updated to reflect industry updates. Originally published 6 August 2018. The EU GDPR (General Data Protection Regulation) requires organisations to respond to serious data breaches within 72 hours of detection. This places a significant burden on …

The NIS Regulations 2018 (The Network and Information Systems Regulations) are derived from the NIS Directive (the EU Directive on security of network and information systems), and took effect on 10 May 2018. What is the objective of the NIS …

The Directive on Security of Network and Information Systems (NIS Directive) ((EU) 2016/1148) aims to achieve a high common level of network and information systems security across the European Union. IT Governance has prepared a free compliance guide based on …

Although data breaches as a result of cyber attacks get all the press, it is often negligence or a lack of basic processes, policies and procedures that result in data breaches. The Information Commissioner’s Office (ICO) compiles quarterly statistics about …

An ISO 27001-compliant ISMS requires ongoing maintenance and review to meet the Standard’s requirements in clauses 8 and 9. The internal audit is an essential element of this process that must be carried out as described in clause 9.2 of …