You have decided you need ISO27001 certification – what happens now?

ISO27001 is the international standard for Information Security, and there are several reasons for deciding that certification is a business requirement. For some companies, it becomes a requirement to get shortlisted for new work. For others, it can be a way for management to ensure good security practices are in places as they grow or… Read More

Why keeping information secure is much more than an IT issue

When I ask business owners what they are doing to keep their business information secure, the vast majority say it is an IT issue and I should talk to their IT team or the company used to maintain their IT systems. But what about dealing with risks from your staff, lack of adequate physical security or keeping… Read More

Cyber insurance cover – check the small print

The insurance industry has responded to increasing cyber threats to client details, business strategy, financial details, intellectual property, passwords and employee information by offering cyber insurance to supplement existing insurance arrangements. The market is still evolving, but it typically covers hacking, computer system failure and recovery, and business interruption. Businesses of all sizes may view this… Read More

Reviewing user permissions, it may reduce costs as well as improving security

A key part of protecting information is to make sure users only have access to what they need to do their job. Permissions need updating when the role of an individual changes. When they leave their account(s) need to removed or suspended in some way. In an ideal world there would be an email or… Read More