ISO 27001 is the International Standard for Information Security Management, providing organisations of all sizes and in any sector with a framework and approach for protecting information. It is one of the most widely adopted ISO standards, as well as …
The Payment Card Industry Data Security Standard (PCI DSS), sometimes shortened to PCI, is an international security standard comprised of a set of controls. These controls must be applied to technologies, security policies, and ongoing processes to protect payment systems …
Penetration testing, or ‘pen testing’, as it is often shortened to, gives your organisation the opportunity to identify and rectify vulnerabilities and security risks before cyber criminals can exploit them. This proactive approach allows you to significantly improve your …
Phishing is a social engineering attack or scam in which a malicious actor tries to trick an end-user into sharing confidential information such as login details, network information or payment card information. Usually, phishing emails are made to look like …
For many years, regular password change has been held as the best-practice approach to maintaining password security, stemming from the idea that if passwords are frequently changed, this will decrease the probability of an attacker being able to exploit a …
Broadly speaking, internal auditing is an evaluation of an organisation’s internal controls for the purpose of checking compliance with legislation, regulations and standards. In this blog, however, we will be specifically looking at internal auditing as it pertains to ISO …
Maintaining information security is of vital importance for any organisation, particularly those that handle personal or sensitive data. Data breaches can have a huge, negative impact on the reputation of an organisation, and, if an organisation is found to be …
Introduced in 2018 by the EU (and adopted into UK legislation), the General Data Protection Regulation (GDPR) is a regulation which grants individuals in the EU and UK rights over how their data is processed by organisations. Any organisation that …
Under the Payment Card Industry Data Security Standard (PCI DSS), merchants and service providers are subject to different requirements and have different responsibilities. While merchants will usually know they are merchants, having come to a merchant agreement with a payment …