The Data Privacy, Compliance and Risk monthly newsletter from ISMS.online – December 2024
The ISMS.online Data Privacy, Compliance & Risk Monthly Round-Up



As we wrap up 2024, we want to thank you for being part of our journey this year. It's been a year of growth and milestones, from earning 8 G2 badges (including GRC Compliance Leader) to growing to 45,000 active users and being named one of the best companies to work for.

We hope you enjoy our final newsletter of the year and wish you a joyful and peaceful festive season. See you in the new year!


Latest Blogs 

NCSC Report 2024: Why Cyber Resilience Must Be Your Top Priority

Rebecca Harper breaks down the NCSC Annual Review 2024, highlighting key threats such as ransomware, AI, and supply chain security, and examines proactive measures for businesses to build resilience.

Quantum Is Coming: Here's What the Data Protection Regulator Says

Phil Muncaster explores how the emergence of quantum computing could undermine public key cryptography, examining the ICO's guidance on 'crypto agility' and best practices for businesses to safeguard sensitive data.

A Year in Compliance: Five Key Trends from 2024

Reflecting on 2024's cybersecurity challenges, Phil Muncaster highlights key trends such as Australia's Cyber Security Strategy, rising AI threats, and new regulations like NIS 2 and DORA shaping global security practices.

A Feeling Of Foreboding: The Privacy Risks Of Emotion-Reading Wearables

Exploring the potential and privacy risks of emotion-reading wearable technology, with insights from Duke University professor Nita Farahany, Danny Bradbury highlights concerns over brain data privacy and the need for regulatory safeguards.

An Integrated Approach: How ISMS.online Achieved ISO 27001 and ISO 27701 Recertification

Christie Rae shares how ISMS.online achieved recertification for ISO 27001 and ISO 27701 alongside Cyber Essentials, offering tips on audit preparation, insights from IMS Manager Mike Jennings, AfCIIS, and the value of an integrated approach to people, processes, and technology.

Five Cybersecurity and Compliance Trends to Watch in 2025

Phil Muncaster outlines five key cybersecurity trends for 2025, offering insights into tackling generative AI-powered phishing, addressing the convergence of nation-state and cybercrime activity, and navigating significant shifts in UK regulatory compliance with new legislation.


Latest News 


British hospitals hit by cyberattacks still battling to get systems back online

Children's Hospital and cardiac unit say criminals broke in via shared 'digital gateway service' > Read more

Meta to pay landmark $50 million settlement over privacy scandal

Meta has agreed to a landmark $50 million settlement with Australia's information commissioner. > Read more

Hacker Leaks Cisco Data

IntelBroker has leaked 2.9 GB of data stolen recently from a Cisco DevHub instance but claims it's only a fraction of the total. >Read more

Rhode Island hit by data breach as hackers demand ransom

Rhode Island has suffered a severe cyberattack that has potentially exposed the personal data of hundreds of thousands of residents. > Read more

Phishers cast wide net with spoofed Google Calendar invites

Criminals are spoofing Google Calendar emails in a financially motivated phishing expedition that has already affected about 300 organisations. More than 4,000 emails have been sent over four weeks. >Read more

Texas Tech University System data breach impacts 1.4 million patients

The Texas Tech University Health Sciences Center and its El Paso counterpart suffered a cyberattack that disrupted computer systems and applications, potentially exposing the data of 1.4 million patients. >Read more

Ransomware attack on Blue Yonder disrupts retailers ahead of holidays

Starbucks, Sainsbury and Morrisons are among the companies affected by the supply chain attack. >Read more


Free Resources  


Check Out The Latest Episodes of the Phishing For Trouble Podcast

Episodes 1 to 5 of our brand-new podcast are live, diving into high-profile cybersecurity and compliance incidents to uncover critical lessons and practical tips to help businesses stay secure and resilient. > Listen Now

GUIDE: AI Management Made Easy: The No-Stress Guide to ISO 42001

With enforcement dates for the EU AI Act fast approaching, now is the perfect time to start thinking about your AI compliance and management. Our comprehensive guide offers a deep dive into the fundamental principles of ISO 42001 and practical steps to achieve compliance and unlock effective AI management in your business. >Download Now

WEBINAR: Transitioning to ISO 27001:2022: Key Changes and Effective Strategies

From 31 October 2025, ISO 27001:2013 certificates will be invalid, requiring organisations to transition to ISO 27001:2022. Our on-demand webinar covers the critical changes between the 2013 and 2022 versions, provides a clear roadmap to transition effectively, and highlights the benefits of adopting the latest standard. > Watch Now


Your Compliance Success Story Starts Here

If you're looking to start your journey to better information security and data privacy management, we can help. 

 Our ISMS SaaS platform enables a simple, secure and sustainable approach to information management with ISO 27001, SOC 2, NIST and over 100 other frameworks. Unlock your competitive advantage today. 

 Follow us on social media.

LinkedIn

Twitter


Rory Ovedje

SEO/Content Writer | B2B SaaS| Compliance Analyst in Training | Helping businesses grow with ease | Content on marketing, technology, and law

1w

Awesome stuff. 🎉
