ISO 27001 is the international standard that describes best practice for an ISMS (information security management system). Achieving accredited certification to ISO 27001 demonstrates that your organization is following information security best practice, and delivers an independent, expert assessment of whether …
The health care sector is the sector worst-affected by data breaches, a US government report has revealed. According to the US Department of Health and Human Services’ 2020 Healthcare Breach Report, security incidents in the hospitals and medical clinics resulted …
It’s no secret that health care is one of the most vulnerable sectors when it comes to cyber crime. Medical records come with higher black market values than other information like credit card numbers. As a result, cyber criminals are …
Ransomware is one of the biggest cybersecurity risks currently facing organizations. Indeed, our sister company found in Q1 2021, almost one in three publicly disclosed security incidents was the result of ransomware. Recent attacks on Colonial Pipeline and JBS have …
Information security must be a top priority for the legal sector, given the vast amounts of sensitive data such organizations process. Unfortunately, few organizations are doing enough to tackle the threat. According to a 2020 American Bar Association Report, 29% …
As of November 30, 2020, all U.S. defense contractors are required to assess their NIST SP 800-171 compliance if they are to receive a new contract or extend an existing one. The obligations are part of the CMMC (Cybersecurity Maturity …
Last month, President Biden signed an executive order to strengthen the federal government’s cybersecurity practices. The decree comes amid a spate of attacks on government systems and essential services, with the widescale data breach at the software provider SolarWinds proving …
If your organization takes information security seriously, you’ve probably come across ISO 27001, the international standard that describes best practice for an ISMS (information security management system). But you may be less familiar with ISO 27701. It’s the newest standard …
Article 32 of the EU GDPR (General Data Protection Regulation) requires organizations to implement technical measures to ensure data security. Specifically, it highlights the need for “a process for regularly testing, assessing and evaluating the effectiveness of technical and organisational …
Smishing is one of the fastest-growing cyber threats, with as many as 84% of organizations encountering an attack last year, according to a Proofpoint study. The attacks – which are a specific type of phishing conducted over text message – …
