68% of data breaches involve a non-malicious human element
Welcome to this week’s Security Spotlight, where we shine a light on:
Q&A | Your Biggest Security Risk: The Insider Threat
Verizon found that 68% of data breaches involved a “non-malicious human element”.
Add malicious insiders, and the scale of the insider threat becomes clear.
People are your biggest cyber security risk – but the right training can turn them into a security asset.
Damian Garcia, our head of GRC consultancy, discusses:
Blog | Analysing Data Breaches Caused by Human Error
How many data breaches reported to the ICO are accidental, like sending data to the wrong recipient?
We did a deep dive into the ICO’s data to find out.
New Q&A | How to Navigate Privacy and Data Protection Challenges in 2025
In this digital age, privacy and data protection have never been more crucial.
We sat down with DPO consultant Judith Eis, from our sister company GRCI Law, to talk about:
New blog | How Do You Demonstrate Accountability Under the GDPR?
The 7th GDPR principle – accountability – is often the weak link, among both organisations that believe themselves GDPR compliant and those that don’t.
This blog explains:
It also includes a free ROPA template!
New blog | Security Risks of Outsourcing to the Cloud: Who’s Responsible?
As more organisations move to remote or hybrid working, Cloud services are more valuable than ever.
However, innovation comes with risk.
This blog explains:
New free report | GDPR Benchmark Report 2024
The GDPR Benchmark Report 2024 is out!
This report, by our sister company DQM GRC, covers 4 years of gap analysis results, taken from organisations across a wide range of industries and sizes.
Want to know how your organisation measures up when it comes to GDPR compliance? And want to get our top tips for overcoming your compliance challenges?
Workshop | Information Security Risk Assessment Workshop
Tuesday, 22 October 2024, 2:00 – 4:00 pm (BST)
This hands-on 2-hour workshop improves your skills in conducting an information security risk assessment – a critical process for securing your organisation.
Become confident in your ability to identify, assess and mitigate risks methodically while working with internal teams and suppliers.
Led by Andrew Pattison, head of GRC consultancy at IT Governance Europe Ltd, this session will guide you through the practical application of risk assessments using a real-world example.
We previously interviewed Andrew about pragmatic ISO 27001 risk assessments and third-party risk management.
Free webinar | Cyber Essentials vs ISO 27001: Which cyber security framework is right for you?
Tuesday, 12 November 2024, 3:00 – 4:00 pm (GMT)
Choosing the right cyber security framework can be daunting.
This webinar breaks down the key differences between Cyber Essentials and ISO 27001.
Our experts Ashley Brett and Andrew Pattison will:
Whether you’re a small business looking to strengthen your security or a larger organisation considering ISO 27001, this session will provide the clarity you need to make an informed decision.
We previously interviewed Ashley about the key differences between Cyber Essentials and ISO 27001.
Speak to an information security expert
With 20+ years’ experience in information security, we understand risk management.
Our experts have implemented information security programmes for hundreds of organisations across a multitude of industries in both the private and public sectors.
New to the world of information security and need advice on how to get started?
Or updating an existing information security programme?
Our experts are here to help.