The first 72 hours after you discover a data breach are critical. Why? The GDPR (General Data Protection Regulation) requires all organisations to report certain types of personal data breach to the relevant supervisory authority. More specifically, Article 33 says that, in the event …
The ICO (Information Commissioner’s Office) is investigating a cyber attack that has left Redcar and Cleveland Borough Council’s computer systems crippled for almost two weeks. More than 135,000 residents have been affected by the incident, which is believed to have …
Under the GDPR (General Data Protection Regulation), organisations must be vigilant about how long they retain personal information. If you keep sensitive data for too long – even if it’s being held securely and not being misused – you may …
The e-learning industry is increasingly influenced by the concept of ‘gamification’. This is the application of competitive gaming in a learning environment. Thanks to our GDPR Challenge E-learning Game, you can now reap the benefits of gamification when training your …
Last week, victims of Yahoo’s data breaches between 2012 and 2016 were given good news, with the proposed settlement from the US class-action lawsuit heading to a judge for final approval. Yahoo, now owned by Verizon, has agreed to pay …
Cyber criminals are exploiting the public’s fear of the Wuhan coronavirus outbreak in a new phishing scam, researchers have learned. Experts at IBM discovered a spate of phishing emails being sent to Japanese citizens, asking them to open an attached …
We’re back for our second ‘catches of the month’ feature of the new decade, where we review recent phishing attacks and help you understand the threat of cyber crime. This month, we look at a school district that was scammed …
The new decade has begun relatively well, with a six-month low of only 61 disclosed cyber security incidents. By comparison, 2019 saw an average of almost 80 data breaches and cyber attacks per month. It’s not all good news, though. …
In a move to standardise the requirements for Cyber Essentials certification, from 1st April 2020 the IASME Consortium will be the National Cyber Security Centre’s sole Cyber Essentials Partner (formerly accreditation body), and the other four accreditation bodies will no …
As part of their ISO 27001 compliance, organisations must conduct management reviews to address any emerging information security trends and to ensure that their ISMS (information security management system) works as intended. Unfortunately, there’s a mistaken belief that the review …
