December 2016 – A Look Back at 2016

Cyber security has been in the spotlight once again in 2016 so as the year draws to a close we take a look back at our past stories and wonder, have lessons been learned and will security be a priority in 2017?

[…]

Information Security

August 2016 – Advanced Persistent Threats

The term ‘APT’ usually refers to a group, such as a foreign government, with both the capability and the intent to persistently and effectively target a specific entity. It is commonly used to refer to cyber threats, in particular that of Internet-enabled espionage using a variety of intelligence gathering techniques to access sensitive information. […]

May 2016 – Banking On Information Security

In February 2016, hackers hit the headlines again as news broke of a cyber attack on Bangladesh’s central bank. Specially crafted malware was used to hack into Bangladesh Bank’s SWIFT software, allowing the hackers to transfer $81 million from Bangladesh’s account at the Federal Reserve Bank of New York into accounts held at other banks, reportedly in the Philippines.
[…]

ISO27001 Working for your business

ISO/IEC27001:2013 is the international standard that provides a model for establishing, implementing, operating, monitoring, reviewing, maintaining and improving an Information Security Management System (ISMS).

As the fear of security issues increases in business, customers are looking for reassurance from companies who are likewise seeking reassurance from their suppliers that information security is being managed to ensure protection of their data. For many companies the solution to responding to these concerns is alignment with ISO27001.

This article covers some of the key points we have found that will make ISO27001 work for your business. […]

Management Buy-in for ISO27001 Implementation

Overcome obstacles for Management Buy-In for Information Security

For any security plan to be effective, the co-operation of staff at all levels is essential. Achieving this is easier said than done, with other priorities and lack of communication often proving to be stubborn obstacles.

To ensure staff buy-in, management must be seen to fully support an information security plan and this can be a tough obstacle to overcome. Finding the best way to justify a security plan in the face of objections can be a challenge, but being prepared with the facts about the risks and benefits will be a big advantage. […]