HMG Security Policy Framework – Version 8
You are probably aware that the Cabinet Office have recently issued Version 8 of the Security Policy Framework (SPF). This is the document that provides the overarching framework for security…
Personal Email + Work Activity = High Risk Situation
Almost everyone has a personal email address, to the point where you are probably more shocked to discover someone who doesnt rather than a person who has several. In recent…
SPF – ISO27001 Control Mapping Tool – Free Download
For any organisation looking to provide services to the UK Government, consideration of the Security Policy Framework (SPF) is essential and for most Government contracts audited compliance is required. Unfortunately,…
Security Policy Framework Compliance Tool
As we mentioned recently, the UK Government has released an updated version of the Security Policy Framework (SPF), which details the security requirements for government agencies and departments. It also…
Security Policy Framework Compliance Checklist – available for download.
As previously mentioned, we have updated the SPF Compliance Checklist to make it suitable for use with Version 7 of the Security Policy Framework released a few weeks ago. The…
Updated Security Policy Framework – UK Government Security Standard
The UK Government has released an updated version of the Security Policy Framework (version 7) which reflects changing opinions on the best way to manage security risks within Government. The…
Data Protection Act – Calls for more powers while breaches continue
Earlier this week, the Justice Committee Ninth Report made the recommendation that the Information Commissioners should have the power to issue custodial sentences (prison time) for breaches of the Data…
Document disposal – don’t take risks
There has been a lot of press coverage over the recent incident where a cabinet office minister (Oliver Letwin) was observed throwing official documents into a public waste bin. Although…
Hospital loses 800 patient’s data
A report has apparently revealed that the East Surrey Hospital has lost an unencrypted USB drive containing the details of 800 patients. According to the Crawley Observer, this data included details such…
Bay House School - Hampshire
Schools breach data protection rules
Today the Information Commissioner's Office announced a data protection act breach at the Bay House School in Hampshire which placed data belonging to nearly 20,000 people at risk. Reading the…
Ex-T-Mobile Employees Fined £73,700 for data theft
The ICO has issued another set of fines for misuse of personal data and violations of the Data Protection Act. This instance, however, is clear cut criminal behavior rather than business misuse,…
Surrey Council Fined over DPA offences
The ICO has flexed its muscles against Surrey Council and imposed a £120,000 fine for breaching the Data Protection Act. While this falls well short of the maximum allowed in…
Registration for the Second Cyber Security Challenge is Open
If you are interesting in taking the UK governments "Cyber Security Challenge" - registration is now open. You can find more at the challenge website: https://cybersecuritychallenge.org.uk/ If you are planning to…