How to stay safe from cyber threats this holiday season
Welcome to this week’s Security Spotlight, where we shine a light on:
Our free green papers on implementing ISO 27001 and how pen testing fits into your ISMS
Our upcoming webinar on the DPO role
Updated blog | Cyber Threats During the Holidays: How to Stay Safe from Seasonal Scams and Data Breaches
Cyber attacks, data breaches and online scams increase dramatically each festive season, especially as many staff are away and opportunistic criminals look to exploit online shoppers’ desire to bag a bargain.
So, as the year draws to a close, we look into:
Three major data breaches from 2024.
Three threats facing your organisation this holiday season.
Tips on protecting your sensitive data.
New blog | Protect Your Organisation by Building a Security-Minded Culture
We all have a responsibility for security. However, to ensure that all staff apply the knowledge gained from staff awareness training, security should be embedded in your organisation’s culture.
We explain:
What a security culture is
The difference between security culture and security awareness
The benefits of a strong security culture
What a good security culture looks like
How to build a strong security culture
How to test the strength of your security culture
New Q&A | How to Select Effective Security Controls
Are you looking to mitigate your information security risks but aren’t sure how to choose effective controls while staying on budget?
Damian Garcia MSc, CRISC, our head of GRC consultancy, explains the importance of:
Risk-benefit analysis
Defence in depth
Leadership support and information security objectives
Control selection
Proportionality
New blog | A Guide to Meeting the DORA Penetration Testing Requirements
Penetration testing is a systematic process of probing for vulnerabilities in your systems. An experienced and qualified penetration tester can mimic the techniques used by criminals without causing damage.
Like many laws, regulations and standards, DORA (the Digital Operational Resilience Act) mandates ‘digital operational resilience testing’.
In this blog, we explain:
DORA: digital operational resilience testing
What is penetration testing?
DORA requirements for penetration testing
Penetration testing scope under DORA
Address your vulnerabilities
Free green paper | Implementing an ISMS – The nine-step approach
Good information security is about addressing the risks specific to your organisation without compromising your business objectives.
So, take an approach that’s both strategic and operational.
An ISMS – preferably aligned with ISO 27001 – takes a systematic approach to managing confidential information so that it remains secure.
Learn our nine-step approach to implementation, which we’ve used to help 800+ organisations around the world achieve ISO 27001 compliance.
Free green paper | Penetration Testing and ISO 27001 – Securing your ISMS
As part of your ISO 27001 risk assessment, you must identify security risks within your ISMS scope.
This free green paper explains how you can do this through penetration testing.
Free webinar | The Critical Role of a DPO: Why Outsourcing is the Smart Choice
Tuesday, 28 January 2025, 3:00 – 4:00 pm (GMT)
As data protection regulations become more stringent, the DPO role under the GDPR is more critical than ever.
This webinar, led by Loredana Tassone-MARY and Natalie Whitney, will explore:
The legal requirements for a DPO
The benefits of outsourcing the role
What you can expect from a DPO as a service, and how it can prove a cost-effective solution for maintaining robust data protection
Speak to an information security expert
With 20+ years’ experience in information security, we understand risk management.
Our experts have implemented information security programmes for hundreds of organisations across a multitude of industries in both the private and public sectors.
New to the world of information security and need advice on how to get started?
Or updating an existing information security programme?
Our experts are here to help.