Luke Irwin, Author at IT Governance UK Blog

List of data breaches and cyber attacks in July 2021 – 34 million records breached

Luke Irwin 2nd August 2021 Monthly Data Breaches and Cyber Attacks

We found 86 security incidents in July 2021, which accounted for 33,727,641 breached records. Those figures bring the annual running total of security incidents to 815 and the total number of breached records to 3,980,757,735. As always, you can find …

[Continue Reading...]

Ransomware attacks leave organisations ‘barely able to keep up’

Luke Irwin 29th July 2021 Ransomware

Earlier this month, we saw one of the most damaging ransomware attacks ever conducted, after the software company Kaseya was breached by the REvil gang. More than 1,500 organisations were affected, with the attackers demanding a $70 million (about £50 …

[Continue Reading...]

The benefits of NIS Regulations and the GDPR for Cloud service providers

Luke Irwin 27th July 2021 EU GDPR, NIS Regulations

The way Cloud service providers in the UK operate has changed dramatically in the past few years, thanks to a pair of regulations that took effect. The first – the EU GDPR (General Data Protection Regulation) – should be familiar …

[Continue Reading...]

How to build a cyber security incident response team (CSIRT)

Luke Irwin 22nd July 2021 Cyber Security

Who will you call when your organisation has been compromised? Having a cyber incident response team ready to go can save your organisation from disaster. There’s no escaping the threat of cyber security incidents. Criminals are constantly poised to exploit …

[Continue Reading...]

ISO 27001 vs. ISO 27002: What’s the difference?

Luke Irwin 22nd July 2021 ISO 27001

Anyone with an interest in information security will have encountered ISO 27001, the international standard that describes best practice for an ISMS (information security management system). However, you might not be as familiar with ISO 27002. It’s a supplementary standard …

[Continue Reading...]

What is an information security policy?

Luke Irwin 14th July 2021 ISO 27001

People are the weakest part of any organisation’s security defences. You can spend months designing flawless processes and investing in state-of-the-art technology, but these both only work if the people using them know what they’re doing. That’s why information security …

[Continue Reading...]

Data breaches and cyber attacks quarterly review: Q2 2021

Luke Irwin 13th July 2021 Monthly Data Breaches and Cyber Attacks, Navigate to Cyber Safety

Welcome to our second quarterly review of security incidents for 2021, in which we take a closer look at the information gathered in our monthly list of cyber attacks and data breaches. In this blog, we provide an overview of …

[Continue Reading...]

5 tips for incident response management success

Luke Irwin 8th July 2021 Cyber Security

The threat of cyber security incidents looms over all organisations. There are simply too many things that can go wrong – whether it’s a cyber attack, a technical malfunction or another delay – to assume that operations will always be …

[Continue Reading...]

Catches of the month: Phishing scams for July 2021

Luke Irwin 7th July 2021 Catches of the Month

Welcome to July’s review of phishing scams, in which we look at criminals’ latest tactics and provide examples of successful frauds. This month, we delve into the continued success of HMRC scams, look at why healthcare firms need to be …

[Continue Reading...]

How to write an ISO 27001 access control policy – free template

Luke Irwin 5th July 2021 Cyber Security

Access control policies are an unquestionably important part of ISO 27001. The requirements for producing one are outlined in section A.9 of Annex A, which contains 14 controls. In this blog, we explain what Annex A.9 covers and what your …

[Continue Reading...]

Luke Irwin Archive