Chloe Biscoe, Author at IT Governance USA Blog

ISO 27001 Implementation Challenges – And How to Overcome Them

Chloe Biscoe February 2, 2023

Given the current state of the information security industry, there shouldn’t be any doubt that organizations must prioritize effective defence measures. According to one report, there were more than 1,000 publicly disclosed security incidents last year, while the average cost …

[Continue Reading...]

How to write a GDPR-compliant subject access request procedure

Chloe Biscoe March 13, 2019

Since the EU General Data Protection Regulation (GDPR) is in effect, EU residents have the ‘right of access’ to their data. If your organization collects or uses their data, they can request: Confirmation that their data is being processed Access …

[Continue Reading...]

Creating an information security policy for your business

Chloe Biscoe July 31, 2018

When your organization begins trying to achieve ISO 27001 certification, you will need to prove your compliance with the Standard with appropriate documentation. One of the documents you must create and maintain is an information security policy. What is an information security …

[Continue Reading...]

How to write a GDPR privacy notice – with example documentation template

Chloe Biscoe July 17, 2018

A key part of your EU GDPR (General Data Protection Regulation) compliance project is producing documentation to demonstrate you are fulfilling your responsibilities under the Regulation. One such document is a privacy notice. If you’re arriving to the GDPR party late (the Regulation …

[Continue Reading...]

Successfully implement ISO 27001 with March’s book of the month

Chloe Biscoe March 22, 2018

ISO 27001 is the international standard that describes best practice for an information security management system (ISMS). Achieving accredited certification to the Standard demonstrates that your organization is following information security best practice and your data is sufficiently protected. Why …

[Continue Reading...]

Security programs cannot succeed without considering people

Chloe Biscoe February 8, 2018

Information security professionals constantly face a conflict between the security team and the rest of the business. They must ensure that their organization is adequately addressing information security risks, but they also must communicate the value of security appropriately to …

[Continue Reading...]

Protect your home office from cyber crime

Chloe Biscoe December 13, 2017

According to a new report from FlexJobs, approximately 3.9 million US employees work from home at least half of the time. This equates to almost 3% of the US workforce. A home office is usually the highest priority for the …

[Continue Reading...]

Cybersecurity tips to stay safe online this Christmas

Chloe Biscoe December 8, 2017

Cyberspace, the Internet, computer networks, the digital world – call it what you will – is always developing and so are the threats and risks of being online. The holiday season is a good opportunity for cyber criminals to strike …

[Continue Reading...]

Forever 21 breach: Hackers target unencrypted POS systems

Chloe Biscoe November 24, 2017

Global fashion retailer Forever 21 has revealed that earlier this year hackers gained access to several of its unencrypted payment card systems and potentially stole payment information belonging to customers. In a press release, Forever 21 said: “Forever 21 is …

[Continue Reading...]

GDPR fines could hit 50% of US organizations

Chloe Biscoe November 16, 2017

A recent study has revealed that 50% of organizations affected by the EU General Data Protection Regulation (GDPR) will not be in full compliance by the end of 2018. The study also revealed that roughly 80% of US organizations are …

[Continue Reading...]

Chloe Biscoe Archive