Risk Management Archive
Many organisations choose to implement ISO 27001 as it demonstrates that they have put in place the best-practice information security processes. It is also the only international standard that defines the requirements of an information security management system (ISMS). An …
Cyber security is all very well for large professional services firms with big budgets, but what can you do if your resources are more limited? Here we explain how you can make yourself safer without breaking the bank and taking …
A risk assessment enables you to identify, analyse and evaluate your organisation’s risk. By identifying gaps between people, processes and technology, you can minimise and prepare for potential threats. Risk assessments are central to many standards, including ISO 27001, the …
To ensure that the cyber security controls your organisation has chosen are appropriate to the risks it faces, a risk assessment should be carried out. This risk assessment consists of identifying, analysing and evaluating risk. If your organisation does not …
Clarksons, the world’s largest shipbroker, is preparing for the fallout from a recent data breach. An investigation has found that unauthorised access was gained through an isolated user account. Before the breach could be responded to, essential information was stolen. …
It’s a common misconception that cyber security is all about technology (hardware and software). Technology is obviously a massive part of cyber security, but alone it is not enough to protect you from modern cyber threats. Cyber security consists of technologies, …
The resurgence of Locky ransomware has been described as one of the largest malware campaigns of the second half of 2017, with more than 23 million infected emails sent to the US workforce in just 24 hours on 28 August …
Compliance with the proposed Network and Information Security (NIS) Directive, which EU member states must adopt by May 2018, may prove difficult for organisations operating in critical infrastructure industries, a new report from Corero Network Security has highlighted. The police …
New information and IT risks seem to be everywhere, and so it is essential that organisations address these risks in the context of enterprise risk management (ERM). What is enterprise risk management? ERM is a practice that has become increasingly …
Although recent research by Baydynamics shows that 89% of board members said they are very involved in making cyber risk decisions, when you dig a little deeper into the statistics, it seems that the situation is not as rosy as …
