Information security and cyber attacks have been hitting the news again in the last two weeks. Sony and the IMF are two of the high profile organisations who have been penetrated and had data stolen. Additionally, Surrey and North Lanarkshire councils both breached the Data Protection Act (DPA), with the former incurring a huge £120,000 fine for its lack of encryption on sensitive data.
These stories highlight how information security is an issue that needs to be taken seriously by any organisation, of any size, in any sector. Failure to do so can leave your organisation exposed to cyber threats; and be potentially disastrous to your business.
Organisations must understand that information security is an overall business issue, not just an IT one. And, that employees require sufficient training to understand their role in regards to information security. At IT Governance we provide a range of cost-effective e-learning courses to help you meet these training requirements:
- Information Security Staff Awareness e-learning course
- Information Security & ISO27001 Staff Awareness e-learning course
- DPA Staff Awareness e-learning course
- PCI DSS Staff Awareness e-learning course
Download a fee technical briefing paper, on the use and protection of data on laptops, USB memory sticks and other portable or removable storage devices in the workplace here.
Is your organisation DPA Compliant?
All UK organisations must comply with the DPA. Does yours? Order our DPA Compliance Assessment Tool for less than £30 and find out today. For those seeking DPA compliance, IT Governance can provide a range of services and products to assist your organisation:
- DPA Compliance Gap Analysis & Consultancy service – This is a practical, effective way to identify gaps in your current DPA activity.
- The Data Protection Act (DPA) 1-Day Course – Gives a comprehensive, practical and up-to-date overview of DPA compliance requirements.
- DPA Compliance Toolkit – A unique, inexpensive and comprehensive resource for those looking for DPA compliance.
ISO27001 & Information Security Management Systems
To ensure protection of your critical assets, information security and compliance with regulatory standards, an ISO27001 accredited Information Security Management System (ISMS) is the way forward. ISO27001 is the international Standard for an ISMS and will underpin IT security for the next decade.
For those new to ISO27001, our free ISO27001 introductory briefing paper is a fantastic place to start. The paper highlights the importance of information security and how ISO27001 can help your business.