ISO 27001 Archive
Ships have experienced a digital transformation in recent years. New technologies are helping them navigate the waters and ensure that everyone on board experiences the connectivity and convenience they expect. However, this increased volume of data has made ships an …
To comply with ISO 27001, the international standard for information security, you need to know how to perform a risk assessment. This process is at the core of your compliance measures, as it helps you identify the threats you face …
In November, Lush – the high-street store known for its fragrant, eco-friendly beauty products – temporarily lost the ability to take card transactions after a member of the IT team “deleted the till system by accident”. As a result, Lush …
The ISO 27001 implementation and review processes revolve around risk assessments. This is where organisations identify the threats to their information security and outline which of the Standard’s controls they must implement. The process begins by defining a methodology, i.e. …
Gap analyses and risk assessments are two of the most important processes organisations must complete when implementing ISO 27001 or reviewing their compliance status. There are a lot of similarities between the two, which often causes organisations to confuse them …
In common with all IT professionals, information security specialists are very aware of the importance of qualifications in demonstrating competence to their current and future employers. Information security is a complex, multidisciplinary field, though, and choosing a learning path that …
With cyber security affecting businesses worldwide, it is important that all organisations have a policy in place to state and record their commitment to protecting the information that they handle. We have collated some information from Alan Calder’s Nine Steps …
Since the EU GDPR (General Data Protection Regulation) took effect in May 2018, Scottish organisations are inevitably focusing on protecting the confidentiality, integrity and availability of the personal data they process in order to minimise the risk of administrative fines, …
Organisations are always looking for ways to improve their cyber security defences, but they often overlook the value of enrolling their employees on cyber security training courses. Here are three reasons to consider it: Reduce the risk of data breaches …
Hopefully your organisation understands the importance of ISO 27001 by now. It’s the international standard for information security, and its framework can be used to reduce the risk of data breaches, ensure that your data protection practices are as efficient …
