With stories of data breaches appearing daily, many organisations will be wondering when their time will come. The situation might seem hopeless, with cyber criminals outnumbering overworked and underfunded information security personnel, but there are plenty of ways you can improve your defences, even on a tight budget.
This blog outlines some of the free resources IT Governance offers to help organisations prevent, prepare for and respond to data breaches.
- Conducting a Data Flow Mapping Exercise Under the GDPR: Data mapping is an essential part of information security, helping organisations discover where information is held and which areas are vulnerable. This free guide explains how data mapping works and why it’s essential to meet the requirements of the EU GDPR (General Data Protection Regulation).
- Risk Assessment and ISO 27001: Risk assessments should be conducted whenever you begin or amend a project, and they’re all the more important when information security is at stake. ISO 27001, the international standard for information security, includes explicit requirements for how and when to conduct risk assessments. This green paper explains each requirement and how you can comply.
- Nine ways to improve your security awareness programme: People are widely acknowledged to be the weakest part of any security system. This green paper explains how you can improve your staff’s ability to identify and avoid mistakes.
- Cyber incident response (CIR) management – An introduction: Cyber attacks have become so sophisticated that even organisations with near-flawless defences are being breached. It’s impossible to make your systems completely impenetrable, so you need to prepare for the inevitable. This means ensuring you have a plan for responding to breaches.
- Five steps to a successful ISO 27001 risk assessment: In this hour-long presentation, IT Governance Director Steve Watkins unpacks the components of effective risk management and shares his tips for creating and maintaining an ISO 27001-compliant ISMS (information security management system).
- CIRM (Cyber incident response management) webinar series: This three-part series provides a comprehensive introduction to incident response, helping you recognise and mitigate risks before it’s too late.
- GDPR webinars: The GDPR has been described as the most significant change to data protection rules in decades. Organisations struggling to meet its requirements would benefit from our webinars, which explain the most important changes in simple terms.
Videos, blogs and podcasts
- Conducting a data flow mapping exercise under the GDPR: This video, hosted by IT Governance’s founder and executive chairman, Alan Calder, explains how data flow mapping helps you comply with the GDPR, and shows you exactly what you need to do.
- Our InfoSec Weekly Podcast discusses the latest cyber security news, including analysis of recent breaches and explanations of what the organisation did right or wrong.
- Our blog provides daily updates on all things information security-related. This includes commentary on recent data breaches and news stories, as well as advice on issues that your organisation should be concerned about.
- Security Awareness Programme demo: Find out how you can transform the way your staff learn about security risks with a demonstration of our customisable Security Awareness Programme. It includes content from some of our popular e-learning courses; examples of awareness presentations, newsletters, digital campaigns and awareness posters; and guidance on potential solutions to address your specific requirements.
These free resources will help you better understand how to approach information security, but one of the biggest obstacles to preventing data breaches is budget. You probably won’t have the luxury of implementing everything that could possibly help. Instead, you’ll need to carefully choose the appropriate tools and services for your organisation.
IT Governance understands this. Our #BreachReady campaign provides flexible solutions for organisations with different requirements, including advice on how to manage cyber security, and a special SPF (Security Protection Factor) offer to help you get the tools and services you need.