Halkyn Security Blog
Specialist Security & Risk Management Consultants

Posts tagged Security Risk Management

Staysure security breach leads to ICO Fine

Staysure insurance fined for failing to have any security policies.

The Information Commissioner’s Office announced on 24 Feb 2015 that it had levied a monetary penalty of £175,000 against the holiday insurance company Staysure. The fine came about as a result of Staysure suffering a security breach on their website which exposed more than 100,000 customer records and led to more than 5,000 customers having their credit […]

Retail security, business protection, loss reduction

The retail sector remains vulnerable to cyber attacks

Retail security is in the news again as the British Retail Consortium (BRC) report that crime in this sector has reached a 10-year high. This reporting appears to indicate crime accounts for almost 0.2% of the total sector turnover. As reported by the BBC, this includes the possibly obvious activities such as shoplifting, but […]

Employee Security – High risk terminations

Employee security: Layoffs are high risk situations.

Employee security really does matter. Your employees are the lifeblood of every organisation. You put a lot of effort into hiring new staff, you train them, you nurture them and in return you get a massive amount of value. However, like it or not, there will come a point in time when even your best […]

Business continuity – 5 things to consider this winter

Snow can disrupt your business.

In the northern hemisphere at least, winter is now upon us and this is the time for all business owners to think about how well their business can cope if the weather turns bad. In the UK, we have had a succession of very bad winters and organisations of all sizes have suffered. In 2009, the […]

Encryption – it is your responsibility

Encryption is important. This has always been well known, and with the recent revelations about PRISM and related Government monitoring of communications, people have become understandably more interested in the topic. However, keep in mind the fact that doing encryption wrong is worse than not doing it. In recent years it has become more and […]

Lack of Laptop Encryption costs City Council £150,000

The Information Commissioner’s Office (ICO) has announced today that it has fined Glasgow City Council £150,000 following the loss of two laptops because neither had any encryption software applied. The fine follows an incident where two laptops were stolen from Council offices during refurbishment. To complicate matters, the Council had already been made aware of […]

Passwords are not bad, just don't trust vendors

Passwords are in the news again, with yet another headline crying out for the death of the password and claiming that everyone should move to two factor authentication (2FA) for all their online activities. As with all these claims, it is worth looking at them in greater detail before we give up on of the […]

Pre-employment Security Screening – Reducing the workforce risk

pre-employment screening

It can be hard for a business to bring in new workers. The trusted insider poses a unique threat to any organisation – not only can the insider do you considerable harm but, for your business to function, you have to be able to trust your employees and let them get on with their job. […]

Another lack of encryption leads to a Data Protection Act Fine

NHS & Healthcare Security - Sensitive data needs proper protection.

On Friday, 15 Feb 13, the Information Commissioner’s Office (ICO) announced that the UK Nursing and Midwifery Council (NMC) had been fined £150,000 for a breach of the Data Protection Act. (It is worth bearing in mind that the NMC has recently raised the registration fees for nurses to £100 per year.) It seems that […]

Mandatory Reporting of Data Security Breaches

It has been announced that the European Commission, together with the High Representative of the Union for Foreign Affairs and Security Policy, is looking to bring in mandatory reporting of information security breaches, at least within some industry sectors. In an interesting press release titled “EU Cybersecurity plan to protect open internet and online freedom […]

Do you value your security?

We are in a new year now, the end of the world never materialised and everyone will be back at work, getting ready to push on with their New Year's resolutions – even the ones doomed to failure. Unfortunately, lots of the mistakes that were made last year will be repeated and it is likely that during […]

Cash in Transit – Still a security risk

In the news today there was a report about a cash delivery being attacked in Brentwood, London, which involved three masked attackers stunning the security guard with a Taser and trying to get access to the cash being delivered. (As reported here) Robberies like this have been quite rare recently, down to a combination of […]

Business Security Guide – Free Download

The effects of crime can be devastating on people and businesses. While recent crime trends have been reassuring, there is still a reported 1 in 50 businesses in the United Kingdom that suffer a robbery or burglary each year. This can create a terrible economic burden on both the business itself and the surrounding community […]

Bad Security – Taking Risks and Not Realising It

Another fine has been issued by the Information Commissioner’s Office (ICO) and, again, it is the result of something that could easily have been prevented if a bit of time and money had been spent in advance. On Thursday, 22 Nov 12, the ICO reported levying a £60,000 Civil Monetary Penalty (fine) on Plymouth City […]

Security is the cheaper option – stop avoiding it.

Another Data Protection Act fine (civil monetary penalty) was announced yesterday (25 Oct 12), and again it is largely the result of risk management mistakes meaning that a cheap preventative measure was ignored and, instead, a fairly hefty fine has been paid. The fine came as a result of a solicitor acting on behalf of […]
