How interested do parties need to be?

Early on in the ISO27001:2013 standard, page 1 section 4.2 to be precise, is ‘Understanding the needs and expectations of interested parties’. An organisation needs to determine the parties relevant to their information security management system (ISMS) and what requirements they could have for information security. The standard helpfully notes that requirements may include legal and regulatory… Read More

Things to consider when selecting a new office

Thinking of moving to a new location? Here are some security items you should consider when selecting your perfect office. Location: Consider neighbourhood public health and safety issues. Is there an unacceptably high incidence of crimes against people or property? Will employees feel safe walking alone at night? Do the police or other emergency services have… Read More

Will marketing make companies miss the May 2018 GDPR deadline?

We all do marketing to make us stand out from the competition and show the compelling reasons to have the product or service we provide. But sometimes a marketing message doesn’t give the complete picture. For the General Data Protection Regulation (GDPR), this could lead companies to believe they comply but actually have several outstanding issues to address.… Read More

Windows 10 Anniversary Update – Security Features

The Windows 10 Anniversary Update will be launched on 2nd August 2016. Alongside changes to the Start menu, Windows Ink and extensions to the Edge browser are changes to Cortana (the intelligent personal assistant) and three security features. The first is Windows Defender Advanced Threat Protection (WDATP). It is aimed at enterprise customers to detect, investigate, and… Read More

Do you suffer from Business Incontinuity?

A business doctor writes “on a regular basis I am asked to treat companies that have suffered from the silent SME killer – Business Incontinuity. The symptoms of this problem are often missed, and it is only when something happens that requires the Business Continuity Plan to be put into action that the problems emerge.… Read More

Why keeping information secure is much more than an IT issue

When I ask business owners what they are doing to keep their business information secure, the vast majority say it is an IT issue and I should talk to their IT team or the company used to maintain their IT systems. But what about dealing with risks from your staff, lack of adequate physical security or keeping… Read More

Is that the drip, drip, drip of your data?

It may seem obvious, but some businesses don’t appreciate that securing information means you need to know what you have and where it gets stored. Not so long ago you knew that information stored electronically would be held on servers within your building(s), at a secure data centre or on backups held by a trusted… Read More

Can I please have your personal information? OK!

What would you do if someone came up to you, leaned over and whispered in your ear, ‘Can I please have your personal information?’ Personally, I would tell them to go away, possibly using words a bit stronger than that, and walk away. But every day people are saying it is OK for someone they… Read More

The outlook is Cloudy with possible spells of data protection issues

This isn’t a blog about the weather, but some people may be in for a stormy time if they use apps or services that don’t have good data protection measures in place. The majority of us now use ‘the Cloud’ to provide services or store data. The main players seem to have good data protection policies… Read More

Nothing says ‘I Love You’ like a DDoS attack

What did you get your loved one for Valentine’s day? If you ordered flowers online, you might have found it more difficult than expected as florists were receiving a lot of unwanted attention from cyber criminals. Cyber criminals have shown a tendency to exploit major news and seasonal events to slip phishing and other malicious attacks past… Read More