Budgets are integral to every business. The start up's business plan has to include budgets and the multinational will have an entire finance unit geared around making sure that every…
Employee security really does matter. Your employees are the lifeblood of every organisation. You put a lot of effort into hiring new staff, you train them, you nurture them and…
Physical security has always been a cornerstone of any Information Security program. As a topic, it is covered by every major security standard. Most have entire sections dedicated to physical…
This communication regarding suspicious mail has been issued by the National Counter Terrorism Security Office (NaCTSO) and the Centre for Protection of the National Infrastructure (CPNI). Please feel free to…
Although it has a well structured, well run and reasonably well resourced security management service, the NHS still seems to struggle with some aspects of compliance with the Data Protection…
A breakdown of internal governance processes has led to the Information Commissioner's Office (ICO) issuing a civil monetary penalty (fine) on Tameside Energy Services Ltd, a Manchester based company claiming to…
Passwords are in the news again, with yet another headline crying out for the death of the password and claiming that everyone should move to two factor authentication (2FA) for…
We are in a new year now, the end of the world never materialised and everyone will be back at work, getting ready to push on their new years resolutions…
Another fine has been issued by the Information Commissioner's Office (ICO) and, again, it is the result of something that could easily have been prevented if a bit of time…
Another Data Protection Act fine (civil monetary penalty) was announced yesterday (25 Oct 12), and again it is largely the result of risk management mistakes meaning that a cheap preventative…
Interestingly, a report from the ICO published yesterday has stated that the private sector appears to be more compliant with the requirements of the Data Protection Act than public sector…
One of the most challenging tasks facing any security professional is communicating the value of security to others within the organisation you work for. Unlike lots of other disciplines there…
Quite rightly, information security is a hot topic for most businesses. This is driven by a combination of regulatory and legal compliance pressures and the unavoidable fact that information (data)…
Following up on the news last week that LinkedIn had suffered a major security breach in which huge numbers of user account passwords were put at risk (previously discussed), there…
There is a commonly held misconception about risk management and, where this relates to security risk management, it is even more widespread, frequently to the detriment of organisations and businesses.…