itgconsultant Archive
Expert tips from Alan Calder
Alan is the Group CEO of GRC International Group PLC, the parent company of IT Governance, and is an acknowledged international security guru. He’s also an award-winning author, and has been involved in developing a …
What the Common Vulnerability Scoring System is, how to use it, limitations and alternatives, and key changes in CVSS v4.0
Our senior penetration tester Leon Teale has more than ten years’ experience performing penetration tests for clients in various industries …
Understanding the threat, and how staff awareness training can address it
Damian Garcia has worked in the IT sector in the UK and internationally, including for IBM and Microsoft. In his more than 30 years in the industry, he’s helped …
How attackers try to remain undetected and/or mask their actions
Vanessa Horton holds a degree in computer forensics, as well as a number of cyber security and forensics qualifications. She has worked for the police as a digital forensics officer, …
Expert insight from Leon Teale into the implications of this historic data breach
The security researcher Bob Diachenko and investigators from Cybernews have discovered an open instance with more than 26 billion data records, mostly compiled from previous breaches – …
A DORA Regulation overview – part 2: incident management
Cliff Martin is the head of cyber incident response within GRCI Law. He joined the Group in April 2021, bringing experience from the defence industry, where he dealt with both operational …
Insights into the new UK–US ‘data bridge’ from our data protection and cyber trainer
Andrew Snow is a GDPR DPO (General Data Protection Regulation data protection officer) with extensive public- and private-sector experience in regulatory compliance, privacy compliance framework development, …
By our reckoning, September 2021 saw 97 security incidents comprising 91,127,815 million breached records. What is unusual about this month is that a single incident accounted for most of those records: 61 million of them, in fact, which were exposed …
Under the GDPR (General Data Protection Regulation), all personal data breaches must be recorded by the organisation and there should be a clear and defined process for doing so. Additionally, there are circumstances in which schools must report breaches to …
One of the contentious issues from vulnerability scanning, in particular with web applications, is false positives. This means that the scanning shows vulnerabilities exist, whereas in reality there is no vulnerability (i.e. it is a response to the scanning that …