Alan Calder on IT Governance, Cyber Resilience, ISO 27001 and Brexit

Global infection by contagious malware

Alan Calder February 14, 2019 Cyber Security
CyRiM’s (Cyber Risk Management Project) chilling report, Global infection by contagious malware, describes a scenario in which a well-resourced, motivated and malicious cyber team creates a self-replicating worm that encrypts all devices and wipes backups. I recently commented on what …

93% of organisations plan to increase spend on cyber defences – they need to!

Alan Calder February 14, 2019 IT Security
According to research carried out for Carbon Black, an endpoint security company, 88% of UK organisations reported suffering a cyber breach in the past 12 months, with an average of 3.67 breaches per organisation! Attacks have become more …

Timetable to first UK GDPR fines

Alan Calder January 29, 2019 IT Security
Anyone who does even a limited amount of analysis of the ICO’s (Information Commissioner’s Office) website can see that, on average in the UK, the time elapsed between the committing of an offence under data protection legislation and the consequent …

First GDPR fines focus on legal compliance

Alan Calder January 24, 2019 IT Security
Historically, data protection fines tended to be triggered by either cyber breaches or some process or system failure that led to personal data being exposed. Two of the first fines imposed under the GDPR (General Data Protection Regulation) point to …

The commercial consequences of data breaches

Alan Calder December 10, 2018 Cyber Security
Everyone now knows that a personal data breach may lead to an ICO (Information Commissioner’s Office) investigation, financial penalties and/or other regulatory action. But what about the commercial consequences? It’s long been a standard observation that data breaches lead to …

PECR – Directors face fines up to £500,000

Alan Calder November 22, 2018 Cyber Security
While the recent statutory instrument that amends the PECR (Privacy and Electronic Communications Regulations) appears to be aimed at the directors of organisations that brazenly flout the law in respect of direct marketing (whether by email or telephone), the reality …

Are usernames and passwords not valuable data?

Alan Calder November 6, 2018 Cyber Security, Data Protection, PCI DSS
There is a trend among organisations that suffer data breaches – such as Eurostar, which has just identified a major data breach – to downplay their impact by saying things like ‘while usernames and passwords were compromised, the good news …

Morrisons – Court of Appeal decision

Alan Calder October 30, 2018 Cyber Security, Data Protection
The Court of Appeal has upheld the lower court decision that supermarket chain Morrisons is vicariously liable for a data breach by an employee. The detail of this decision is interesting. The Court found that, as Morrisons had instructed the …

The ICO – driving ‘meaningful change’

Alan Calder October 29, 2018 Cyber Security, EU GDPR
Facebook has, in respect of its data breach earlier this year, been fined the maximum £500,000 allowed under the DPA (Data Protection Act) 1998. It’s lucky the breach was discovered before 25 May 2018; if the fine had been levied …

Ransomware – three options

Alan Calder October 26, 2018 Cyber Security
Ransomware is a fact of life, right? Sooner or later, a member of staff is going to click a malicious link or visit a dodgy website, and a ransomware product will download and install itself. There are three ways you …