Up to 600 million Facebook users have had their passwords leaked in an internal data breach. Security researcher Brian Krebs broke the news on 21 March 2019, explaining that the social network’s internal company servers contained passwords stored in plaintext. …
The data protection landscape was dramatically reshaped with the introduction of the EU GDPR (General Data Protection Regulation) on 25 May 2018, but it wasn’t the only law that took effect that day. The UK DPA (Data Protection Act) 2018 …
You might have heard increased chatter recently about the need for an EU representative under the GDPR (General Data Protection Regulation). This rule applies to any organisation outside the EU that monitors the behaviour of, or provides goods or services …
Anyone interested in getting into or advancing their career in cyber security probably knows that they will need training and qualifications. But given that the field is so broad, how are you supposed to decide which course is right for …
Norsk Hydro, one of the world’s largest aluminium producers, has been hit by a cyber attack that has knocked out IT systems in facilities across the globe. The Norway-based organisation says the attack began on Monday, 19 March 2019, and is ongoing. Many of its systems are offline, …
ISO 27001 is the international standard that describes best practice for an ISMS (information security management system). The Standard takes a risk-based approach to information security, requiring organisations to identify threats to their organisation and select appropriate controls to tackle …
Earlier this month we caught up with Geraint Williams, CISO for GRC International Group plc, to find out more about information security and how he raises awareness within the workplace. Watch the video below to hear what Geraint had to …
In our last ever podcast, we discuss Citrix’s data breach, the GDPR and cookie walls, data breach notification, and Patch Tuesday. Hello and welcome to the IT Governance podcast for Thursday, 7 March 2019. It’s our last episode, so I …
This blog has been updated to reflect industry updates. Originally published 24 March 2016. Although ISO 27001 is built around the implementation of information security controls, none of them are universally mandatory for compliance. That’s because the Standard recognises that …
IT Governance has been working with gambling operators for more than 15 years, helping them to comply with a range of regulations, so we were interested to see evidence that two of the UK’s biggest gambling trade bodies are set …
