Alan Calder on IT Governance, Cyber Resilience, ISO 27001 and Brexit – Alan Calder, author of "IT Governance – An International Guide to Data Security and ISO27001/ISO27002", talks about current governance and cyber-security issues.

Cyberattacks will accelerate – in volume and size – over the next 6 months

Alan Calder May 15, 2020 Cyber Security

Millions of people, working from home, using personal IT equipment rather than hardened corporate equipment, and often connecting to corporate services without going through a working VPN, provide cyber attackers with millions of routes into secure networks.

[Continue Reading...]

Ransomware: should have known better

Alan Calder May 11, 2020 Cyber Security

You would have thought that IT Managed Service Providers would know about ransomware, wouldn’t you? Well, clearly not all MSPs are equal: US MSP, Cognizant, admitted last week that a successful April ransomware attack would negatively affect its Q2 earnings …

[Continue Reading...]

Do you need a physical office in order to ISO/IEC 27001 certification?

Alan Calder May 4, 2020 ISO 27001

No. The standard was written to support organisations of all sizes, all types and in all sectors. And as it is increasingly normal for organisations to be largely or entirely home-based, accessing temporary office-space if, as and when, necessary, so …

[Continue Reading...]

Dealing with coronavirus – a perspective

Alan Calder April 29, 2020 IT Security

According to the World Health Organization, the total number of coronavirus deaths, worldwide, as at 0100 on 28 April 2020, is 202,733. At this point, Covid-19 is the 23rd highest cause of death worldwide.

[Continue Reading...]

In troubled times

Alan Calder July 24, 2019 IT Security

In troubled times – when faced with socio-economic uncertainty or political instability – organisations tend to pull in their horns, cut expenditure and save for the whatever the future holds. Cyber criminals love troubled times, because they know that organisations …

[Continue Reading...]

Key lessons from the record BA and Marriott GDPR fines

Alan Calder July 11, 2019 IT Security

After a year of apparent inaction, the ICO (Information Commissioner’s Office) has struck twice in two days with the two largest privacy-related fines in the EU. I think organisations can draw two key lessons from these actions: 1. You can’t …

[Continue Reading...]

British Airways: ICO takes GDPR regulatory action

Alan Calder July 8, 2019 IT Security

The ICO (Information Commissioner’s Office) announced today that it will be fining British Airways £183m for the website date breach it suffered last year. I said at the time that a data breach on this scale and which lasted as …

[Continue Reading...]

City of Florida proves the ransomware business case

Alan Calder June 21, 2019 IT Security

The City of Florida, after agreeing to spend $1 million (about £790,000) on new IT infrastructure after hackers captured their systems three weeks ago, has now agreed to pay $600k to get access to their systems. The ransomware was apparently …

[Continue Reading...]

AMCA: 4 lessons from a cyber-bankruptcy

Alan Calder June 20, 2019 Cyber Security

For 7 months, cyber criminals had access to – and successfully exfiltrated – the extensive personal records of some 20 million US citizens. The American Medical Collections Agency had spent $1 million, as recently as 2015, upgrading and modernising its …

[Continue Reading...]

PECR and GDPR

Alan Calder May 8, 2019 EU GDPR

Well, the ICO (Information Commissioner’s Office) is markedly faster out of the blocks in terms of dealing with PECR (Privacy and Electronic Communications Regulations) breaches than in dealing with GDPR (General Data Protection Regulation) ones. Some 16 company directors have …

[Continue Reading...]