Dashboards vs Security – are they really helping?
Metrics, Dashboards and Security: Like them or not, metrics are a fundamental part of every organisation. Security doesn't get a free pass. It is a rare CISO who doesn't demand…
Incident response is one of those things you really hope you'll never have to use, but know you will. Or at least you should know! Even with the best security, there…
One sad fact about security is that no matter what controls you put in place, you will suffer breaches and if you are on the internet it is likely to…
The Information Commissioner's Office announced on 24 Feb 2015 that it had levied a monetary penalty of £175,000 against the holiday insurance company Staysure. The fine came about as a…
Employee security really does matter. Your employees are the lifeblood of every organisation. You put a lot of effort into hiring new staff, you train them, you nurture them and…
Physical security has always been a cornerstone of any Information Security program. As a topic, it is covered by every major security standard. Most have entire sections dedicated to physical…
In the northern hemisphere at least, winter is now upon us and this is the time for all business owners to think about how well their business can cope if the…
As you may be aware, the ISO/IEC 27001 standard for Information Security Management Systems (ISMS) was updated and the 2013 version became the "official" version at the start of October…
Encryption is important. This has always been well known, and with the recent revelations about PRISM and related Government monitoring of communications, people have become understandably more interested in the…
This communication regarding suspicious mail has been issued by the National Counter Terrorism Security Office (NaCTSO) and the Centre for Protection of the National Infrastructure (CPNI). Please feel free to…
You may want to check your calendars again. Even though we are now well into the 21st century, it seems that some organisations are still sending sensitive data by fax…
Although it has a well structured, well run and reasonably well resourced security management service, the NHS still seems to struggle with some aspects of compliance with the Data Protection…
A breakdown of internal governance processes has led to the Information Commissioner's Office (ICO) issuing a civil monetary penalty (fine) on Tameside Energy Services Ltd, a Manchester-based company claiming to…
By now, it should be no surprise to anyone that the UK is in the grip of some very bad weather that was largely unexpected. News reports today have talked…
It can be hard for a business to bring in new workers. The trusted insider poses a unique threat to any organisation - not only can the insider do you…