The impact of the GDPR on sending emails and networking

On 25 May 2018 the General Data Protection Regulation (GDPR) replaces the Data Protection Act (DPA). The aim is to give individuals more control over how their personal data is used and get businesses to be more transparent over how it will be used. The UK Government have confirmed that Brexit has no impact. Businesses… Read More

How interested do parties need to be?

Early on in the ISO27001:2013 standard, page 1 section 4.2 to be precise, is ‘Understanding the needs and expectations of interested parties’. An organisation needs to determine the parties relevant to their information security management system (ISMS) and what requirements they could have for information security. The standard helpfully notes that requirements may include legal and regulatory… Read More

Wetherspoons stop monthly newsletters – GDPR related?

This morning I received an email from Wetherspoons – I am a customer and did sign up to receive updates – saying they will no longer be sending emails as many consider this intrusive. I agree that some people can find this intrusive, but at the same time think this could be part of their General… Read More

Anyone talking about GDPR should include this slide! #ourGDPRstatus

It isn’t hard to find an event at the moment that is specifically about GDPR or includes sessions to cover different aspects of it. With so many companies talking about it and promoting products and services to help prepare for May 2018, you would think/hope they would be the ones that are well on their way… Read More

Things to consider when selecting a new office

Thinking of moving to a new location? Here are some security items you should consider when selecting your perfect office. Location Consider neighbourhood public health and safety issues Is there an unacceptably high incidence of crimes against people or property? Will employees feel safe walking alone at night? Do the police or other emergency services have… Read More

Why the Contact form had to go! #GDPR

We still want to be contacted so we can help businesses improve their information and cyber security, but from now on, please do it by email or by calling. Removing the website Contact form may seem extreme, but it eliminates a risk to personal data over which we have very little control. As everyone probably knows*, the… Read More

GDPR (Data Protection) vs MTD (Tax)

What we know The General Data Protection Regulation (GDPR) will replace the Data Protection Act. Brexit has no impact. The Information Commissioner has said “there may still be questions about how the GDPR would work on the UK leaving the EU but this should not distract from the important task of compliance with GDPR”. This… Read More

Mirror mirror on the wall, who’s the fairest Application and OS of them all

The Computer Vulnerabilities and Exposures (CVE) website provides yearly summaries of application and operating systems vulnerabilities. Having a vulnerability is not the same as it actually being exploited, but the figures provide a useful, if somewhat crude way, of identifying what needs protecting and how this compares to 2015. For anyone that doesn’t want to read much further the… Read More

A is for App and B is for Behave

This isn’t my first blog about Apps that can take your personal information, and it probably won’t be the last. I am all for Apps that make you more productive and provide information on what is going around you. But there are too many that want access to information they could never legitimately use. I… Read More

What the National Cyber Security Strategy means for your business

On 1 November the UK National Cyber Security Strategy 2016-2021 was launched by the Chancellor. It is a £1.9bn programme to make the UK ‘confident, capable and resilient in a fast-moving digital world’ and protect the UK economy and the privacy of its citizens against cyber attacks that are growing more frequent, sophisticated and damaging. It recognises this isn’t “just” an… Read More