Cyber Security – Alan Calder on IT Governance, Cyber Resilience, ISO 27001 and Brexit

Butlin’s data breach

Alan Calder August 10, 2018 Cyber Security

If there are any positives to come out of the Butlin’s data breach, it’s that they reported it within 72 hours – a requirement of the EU GDPR (General Data Protection Regulation). The breach, which has apparently affected some 34,000 …

[Continue Reading...]

Cyber security: invest now or invest more later

Alan Calder August 2, 2018 BS10012, Cyber Security

Dixons Carphone, explaining its massive cyber security breach in a full page notice in today’s Times, says: “We’re extremely sorry about what has happened – we’ve fallen short here.” They’re right, they have – not least in the fact that it …

[Continue Reading...]

Summer breaches

Alan Calder July 27, 2018 Cyber Security, Data Protection, EU GDPR

As organisations across the world look forward to the holiday season, it’s worth reviewing the perspective of data thieves and cyber attackers. If key staff are on holiday, cyber security defences will be weaker and less agile. If remaining staff …

[Continue Reading...]

Management disconnect

Alan Calder November 3, 2016 Business and the Economy, Business Continuity, Compliance, Cyber Security, Data Protection, EU GDPR, IT Governance, IT Security

I’ve talked, for some years, about the disconnect between managements stating that cyber security is on their agenda, or under control, and the rapidly rising number of data breaches, as reported in multiple surveys and reports, as well as increasingly …

[Continue Reading...]

GDPR and Brexit: no need for confusion

Alan Calder October 26, 2016 Cyber Security, Data Protection, EU GDPR

GDPR comes into force in May 2018. The UK will still be a member of the EU at that point and, even if Mrs May hadn’t pledged that the UK would be a ‎fully-functioning member right up to the point …

[Continue Reading...]

Government Cyber Security Kite Mark vs ISO 27001

Alan Calder December 16, 2013 ISO 27001, IT Governance

Last Thursday (12th December) the British Government issued a statement on the progress against the objectives set out in the UK Cyber Security Strategy. Unsurprisingly, making cyberspace safer for UK business remains a top priority. In order to achieve that …

[Continue Reading...]

CISSP or CISM: Which – or Both?

Alan Calder May 3, 2013 Cyber Security, ISMS, ISO 27001, IT Governance, IT Security

In today’s underskilled cyber security market place, people ask whether they should acquire a CISSP or CISM qualification. Each qualification has different strengths – so, which do you think information security professionals should pursue? Where do you think CISMP fits into a …

[Continue Reading...]

Cyber skills the issue for SMBs

Alan Calder May 2, 2013 Cyber Security, Data Breaches, ISO 27001, IT Governance, IT Security

New cybersecurity surveys continue to point at the two main challenges faced by most smaller businesses in terms of defending against cyber attack: They don’t know where they are vulnerable; and They don’t have the skills to close down the …

[Continue Reading...]

The cyber security frontline: your business

Alan Calder April 29, 2013 Cyber Security, ISO 27001, IT Governance, IT Security

Eugene Kapersky – the founder of Kaspersky Lab, the world’s largest privately-held anti-malware vendor – made four important points in his cybersecurity seminar at Infosec 2013: “Every company is a victim of cyber attacks, whether they know it or not;” Even smaller …

[Continue Reading...]

Cyber security skills gap

Alan Calder April 26, 2013 Business and the Economy, Cyber Security, ISMS, ISO 27001, ISO 27002 (ISO 17999), IT Governance, IT Security

I talked, earlier this week, about the evident gap between the concern expressed (in the 2013 ISBS survey) by the majority of managers about cyber security and the fact that their organisations continue to be breached, and linked this to …

[Continue Reading...]

Cyber Security Archive