Does an organisation’s size matter when it comes to data breach fines?

In June, the UK ICO (Information Commissioner’s Office) began investigating a data breach at Dixons Carphone that affected almost 6 million payment cards and 1.2 million records containing non-financial information such as names, addresses and emails. Dixons Carphone said about 5.9 million of the cards affected had chip-and-PIN protection, and ... Read More

2017 was a big year for data breaches – What will 2018 be like as GDPR finally kicks in?

Last year many companies had to deal with data breaches and cyber threats. Hardly a week passed without an organisation like Uber, Xbox and Yahoo suffering a major data breach, and many more businesses became victims as well. Sometimes it takes publicity and a feeling it could be us next ... Read More
DFMT Latest Release – Consultancy Access

The latest release from Vigilant Software sees the addition of Consultancy Access to its CyberComply platform. Vigilant Software has updated the CyberComply platform to make significant changes and introduce a Consultancy Access feature to both the Data Flow Mapping Tool (DFMT) and Compliance Manager (CM). This allows Consultants to add ... Read More
How vsRisk can simplify your ISO 27001 risk assessment

An ISO 27001 risk assessment is at the core of your organisation’s ISMS (information security management system). The Standard is explicit in requiring that a risk management process be used to review and confirm security controls in light of regulatory, legal and contractual obligations. Spreadsheets are a common and seemingly ... Read More
Data breaches: how can they be prevented?

Data breaches are the second biggest threat to organisations after cyberattacks. Last month alone, 17,273,571 breaches were recorded. What is a data breach? A data breach is a security incident that can be accidental or deliberate and relates to sensitive, confidential or protected data. A data breach occurs when the ... Read More
How to create an information security policy for ISO 27001

What is an information security policy for ISO 27001? Your company’s information security policy is the driving force for the requirements of your information security management system (ISMS). The policy needs to capture board requirements and organisational reality, and meet the requirements of the ISO 27001 standard if you’re looking ... Read More

Who is a data protection officer under the GDPR?

From 25 May the General Data Protection Regulation (GDPR) applies to all organisations that process EU residents’ personal data. As part of your compliance project, it’s important to understand the role of the data protection officer (DPO). The DPO’s role A DPO can help you address the GDPR’s compliance demands ... Read More

Identifying interested parties and their expectations for an ISO 27001 ISMS

There are many reasons for implementing an information security management system (ISMS), and identifying and understanding interested parties is crucial for an organisation to develop its information security. What is an ISMS? A system of processes, people and technology that helps to manage, monitor and improve your organisation’s information security, ... Read More