Navigating the ‘new normal’ – take opportunities, manage risks

COVID19 has meant changes to how we live and work. Organisations of all sizes must now adapt to the ‘new normal’ to survive and grow. Some changes will be positive – why didn’t we do this before! – while others will unfortunately have a negative impact. Organisations that think about what could be done in… Read More

WADIFF Consulting help Clear Review get ISO27001 certification

Clear Review provides a platform to help companies drive employee performance improvement and provide measurements that companies require to make business decisions. Clear Review already had Cyber Essential plus, getting ISO27001 certification was the next step to ensure there is a robust security framework covering all areas of the company; from onboarding clients and their… Read More

WADIFF Consulting help any-3 get ISO27001 certification

any-3 provides bespoke surveys around engagement, diversity and self-assessments to high profile corporates and public sector organisations. Clients expect data to be kept secure and may undertake audits or run tests with any-3 to confirm everything is in place to protect the confidentiality, integrity and availability of data. Getting ISO27001 certification was the next step… Read More

WADIFF Consulting help Ditto AI get ISO27001 certification

Ditto AI Limited is an Explainable AI (XAI) company, that serves regulated, safety critical sectors that require accountability and transparency in their AI solutions. The security and integrity of information is seen as critically important to their business. With a target market of regulated industries, getting the ISO27001 certification made perfect sense both technically and… Read More

You wouldn’t get caught out by a phishing email, or would you?

Phishing emails – you get them, I get them and those pesky cyber criminals continue to evolve the format to try and get people to click links or download files that contain malware. The majority are easy to identify from the content.  Messages from banks you don’t use and links to invoices from companies you… Read More

CNIL – causes of reported data breaches (May – October 2018)

The CNIL (the French Data Protection Authority) received 742 notifications of personal data breaches (and see the original report in French) that affected over 33 million individuals located in France or elsewhere. 695 related to confidentiality breaches. The accommodation and food services sector had the highest number of breaches – 185. This is due to a specific case… Read More

WADIFF Consulting help St Giles Trust get ISO27001 certification

St Giles Trust is a charity that helps ex-offenders and disadvantaged people to move their lives forward. Security requirements to obtain funding, and the expectations of partners, meant that ISO27001 certification to cover their six offices was becoming a ‘must have’ for the Trust. Where WADIFF Consulting make a difference Practical knowledge of implementing and… Read More

You have decided you need ISO27001 certification – what happens now?

ISO27001 is the international standard for Information Security, and there are several reasons for deciding that certification is a business requirement. For some companies, it becomes a requirement to get shortlisted for new work. For others, it can be a way for management to ensure good security practices are in places as they grow or… Read More

Mirror mirror on the wall, who’s the fairest Application and OS of them all

The Computer Vulnerabilities and Exposures (CVE) website provides yearly summaries of application and operating systems vulnerabilities. Having a vulnerability is not the same as it actually being exploited, but the figures provide a useful, if somewhat crude way, of identifying what needs protecting and how this compares to 2015. For anyone that doesn’t want to read much further the… Read More

What the National Cyber Security Strategy means for your business

On 1 November the UK National Cyber Security Strategy 2016-2021 was launched by the Chancellor. It is a £1.9bn programme to make the UK ‘confident, capable and resilient in a fast-moving digital world’ and protect the UK economy and the privacy of its citizens against cyber attacks that are growing more frequent, sophisticated and damaging. It recognises this isn’t “just” an… Read More