Earlier this month, we saw one of the most damaging ransomware attacks ever conducted, after the software company Kaseya was breached by the REvil gang. More than 1,500 organisations were affected, with the attackers demanding a $70 million (about £50 …
The way Cloud service providers in the UK operate has changed dramatically in the past few years, thanks to a pair of regulations that took effect. The first – the EU GDPR (General Data Protection Regulation) – should be familiar …
Who will you call when your organisation has been compromised? Having a cyber incident response team ready to go can save your organisation from disaster. There’s no escaping the threat of cyber security incidents. Criminals are constantly poised to exploit …
Anyone with an interest in information security will have encountered ISO 27001, the international standard that describes best practice for an ISMS (information security management system). However, you might not be as familiar with ISO 27002. It’s a supplementary standard …
People are the weakest part of any organisation’s security defences. You can spend months designing flawless processes and investing in state-of-the-art technology, but these both only work if the people using them know what they’re doing. That’s why information security …
Welcome to our second quarterly review of security incidents for 2021, in which we take a closer look at the information gathered in our monthly list of cyber attacks and data breaches. In this blog, we provide an overview of …
The threat of cyber security incidents looms over all organisations. There are simply too many things that can go wrong – whether it’s a cyber attack, a technical malfunction or another delay – to assume that operations will always be …
Welcome to July’s review of phishing scams, in which we look at criminals’ latest tactics and provide examples of successful frauds. This month, we delve into the continued success of HMRC scams, look at why healthcare firms need to be …
Access control policies are an unquestionably important part of ISO 27001. The requirements for producing one are outlined in section A.9 of Annex A, which contains 14 controls. In this blog, we explain what Annex A.9 covers and what your …
We found a comparatively low 9,780,931 breached records from publicly disclosed security incidents in June 2021. But don’t be fooled by that number – it comes from 106 incidents, which is roughly average for the year. It’s simply the case …
