Luke Irwin, Author at IT Governance Blog

How do data breaches happen? Understanding your organisation’s biggest threats

Luke Irwin 26th June 2019 #BreachReady, Breaches and Hacks

Data breaches are fast becoming a top priority for organisations. But it’s not only cyber criminals hacking your systems that you should be concerned about; there are many other ways your systems and information can be compromised. Let’s go through …

[Continue Reading...]

What you need to know before sitting the CISSP

Luke Irwin 26th June 2019 Uncategorised

If you’re interested in gaining a high-ranking position in the information security industry, you’ll probably need the CISSP® exam (Certified Information Systems Security Professional) qualification. In this blog, we explain everything you need to know before enrolling on a CISSP …

[Continue Reading...]

What is angler phishing?

Luke Irwin 24th June 2019 Cyber Security, Fighting cyber crime

A version of this blog was originally published on 19 June 2017. Many of us live out whole lives on Facebook, Twitter, Instagram and LinkedIn, publicising our thoughts, interacting with friends, strangers and businesses, and keeping abreast of current affairs. …

[Continue Reading...]

What are the 10 steps to cyber security?

Luke Irwin 21st June 2019 Uncategorised

Anyone looking for advice on how to achieve effective cyber security should consider the NCSC’s (National Cyber Security Centre) 10-step guide. Originally published in 2012, it is now used by the majority of FTSE 350 organisations. In this blog, we …

[Continue Reading...]

The ICO admits that its cookie policy violates the GDPR

Luke Irwin 20th June 2019 EU GDPR

The UK’s data protection watchdog has admitted that its website’s cookie policy breaches the requirements of the GDPR (General Data Protection Regulation). The ICO (Information Commissioner’s Office) made the statement following complaints that it was storing visitors’ personal data without …

[Continue Reading...]

Will you suffer a data breach if you implement ISO 27001?

Luke Irwin 20th June 2019 Breaches and Hacks, ISO 27001

Someone recently asked us: “Will my organisation be breached if we implement ISO 27001?” At first we thought they meant ‘will implementing ISO 27001 make me susceptible to data breaches?’ to which the answer is obviously ‘no’. ISO 27001 is …

[Continue Reading...]

Examples of data processing activities that require a DPIA

Luke Irwin 19th June 2019 EU GDPR

The GDPR (General Data Protection Regulation) requires organisations to conduct a DPIA (data protection impact assessment) whenever processing is ‘likely to result in a high risk’ to the rights and freedoms of individuals. The Regulation doesn’t define what ‘high risk’ …

[Continue Reading...]

Home Office report reveals susceptibility to accidental data breaches

Luke Irwin 19th June 2019 Breaches and Hacks

The Home Office reported 35 data breaches to the ICO (Information Commissioner’s Office) in 2018–19, including several cases of employees accidentally disclosing sensitive information to unauthorised parties. A further 1,895 data breaches were logged by the Home Office’s data controller …

[Continue Reading...]

How Ireland became Europe’s data protection watchdog

Luke Irwin 14th June 2019 EU GDPR

When the GDPR (General Data Protection Regulation) took effect a year ago, it promised to overhaul the EU’s data protection landscape. Things have moved a little slower than expected for most member states, but that’s not been the case in …

[Continue Reading...]

What is data protection by design and default

Luke Irwin 13th June 2019 EU GDPR

If your organisation is subject to the GDPR (General Data Protection Regulation), you’re probably aware of your requirement to “implement appropriate technical and organisational measures” to protect the personal data you hold. An essential principle of this is data protection …

[Continue Reading...]

Luke Irwin Archive