Test your defences before hackers do – whether internally or externally
Welcome to this week’s Security Spotlight, where we shine a light on:
New Q&A | The Insider Threat: Strategies to Safeguard Against Malicious Insiders
Your biggest security threat may be hiding in plain sight: your employees.
No business can operate without trusting its people. Without access to confidential information and essential systems, staff can’t perform their roles.
But if an insider turns malicious, regardless of their motivation, they can significantly damage your organisation. After all, their account is supposed to have access to sensitive data!
Our head of security testing, James Pickard, explains how your organisation can protect itself.
Q&A | How to Address AI Security Risks With ISO 27001
AI is taking the world by storm. But for all its potential, there are legitimate concerns around, among other things, data security.
AI may surface your sensitive data. Plus, AI-powered scams are incredibly convincing – they can be fully tailored to the individual.
An exposure assessment (an ‘AI penetration test’) can help you test your defences.
Bridget Kenyon, lead editor for ISO 27001:2022, explains further. She also explains how to educate users on the risks of AI.
We’ve also updated our index of interviews again!
New blog | 3 ISO 27001:2022 Controls That Help Secure Your Cloud Services
Cloud computing offers organisations easy-to-scale services, extended IT capabilities and access to innovations.
But innovation comes with risk.
If you can access data in the Cloud from anywhere, how will you keep that data safe and restrict access to authorised users?
Implementing controls – such as from international standard ISO 27001 – can help.
This blog looks at 3 ways ISO 27001 can help protect information in the Cloud.
New blog | GDPR: Data Subject Rights and Organisations’ Responsibilities
The GDPR grants data subjects 8 rights.
These rights are a fundamental part of the GDPR.
Helen Pettit, a data subject rights consultant for our sister company GRCI Law, explains them all in this blog.
Free report | GDPR Benchmark Report 2024
The GDPR Benchmark Report 2024 is out!
This report, by our sister company DQM GRC, covers 4 years of gap analysis results, taken from organisations across a wide range of industries and sizes.
Find out how your organisation measures up when it comes to GDPR compliance. And get our top tips for overcoming your compliance challenges.
Workshop | Information Security Risk Assessment Workshop
Tuesday, 22 October 2024, 2:00 – 4:00 pm (BST)
This hands-on 2-hour workshop improves your skills in conducting an information security risk assessment – a critical process for securing your organisation.
Become confident in your ability to identify, assess and mitigate risks methodically while working with internal teams and suppliers.
Led by Andrew Pattison, head of GRC consultancy at IT Governance Europe Ltd, this session will guide you through the practical application of risk assessments using a real-world example.
We previously interviewed Andrew about pragmatic ISO 27001 risk assessments and third-party risk management.
Free webinar | Cyber Essentials vs ISO 27001: Which cyber security framework is right for you?
Tuesday, 12 November 2024, 3:00 – 4:00 pm (GMT)
Choosing the right cyber security framework can be daunting.
This webinar breaks down the key differences between Cyber Essentials and ISO 27001.
Our experts Ashley Brett and Andrew Pattison will:
Whether you’re a small business looking to strengthen your security or a larger organisation considering ISO 27001, this session will provide the clarity you need to make an informed decision.
We previously interviewed Ashley about the key differences between Cyber Essentials and ISO 27001.
Speak to an information security expert
With 20+ years’ experience in information security, we understand risk management.
Our experts have implemented information security programmes for hundreds of organisations across a multitude of industries in both the private and public sectors.
New to the world of information security and need advice on how to get started?
Or updating an existing information security programme?
Our experts are here to help.