Luke Irwin, Author at IT Governance USA Blog

What is the cost of a health care data breach in the US?

Luke Irwin July 7, 2021

The health care sector is the sector worst-affected by data breaches, a US government report has revealed. According to the US Department of Health and Human Services’ 2020 Healthcare Breach Report, security incidents in the hospitals and medical clinics resulted …

[Continue Reading...]

5 tips to protect your organization from ransomware

Luke Irwin June 23, 2021

Ransomware is one of the biggest cybersecurity risks currently facing organizations. Indeed, our sister company found in Q1 2021, almost one in three publicly disclosed security incidents was the result of ransomware. Recent attacks on Colonial Pipeline and JBS have …

[Continue Reading...]

How law firms can tackle cyber threats with ISO 27001

Luke Irwin June 16, 2021

Information security must be a top priority for the legal sector, given the vast amounts of sensitive data such organizations process. Unfortunately, few organizations are doing enough to tackle the threat. According to a 2020 American Bar Association Report, 29% …

[Continue Reading...]

What you need to know about the DoD’s Cybersecurity Maturity Model Certification program

Luke Irwin June 9, 2021

As of November 30, 2020, all U.S. defense contractors are required to assess their NIST SP 800-171 compliance if they are to receive a new contract or extend an existing one. The obligations are part of the CMMC (Cybersecurity Maturity …

[Continue Reading...]

What impact will President Biden’s cybersecurity executive order have?

Luke Irwin June 2, 2021

Last month, President Biden signed an executive order to strengthen the federal government’s cybersecurity practices. The decree comes amid a spate of attacks on government systems and essential services, with the widescale data breach at the software provider SolarWinds proving …

[Continue Reading...]

How ISO 27701 and the GDPR help secure your organization

Luke Irwin May 26, 2021

If your organization takes information security seriously, you’ve probably come across ISO 27001, the international standard that describes best practice for an ISMS (information security management system). But you may be less familiar with ISO 27701. It’s the newest standard …

[Continue Reading...]

Why penetration testing is essential for GDPR compliance

Luke Irwin May 12, 2021

Article 32 of the EU GDPR (General Data Protection Regulation) requires organizations to implement technical measures to ensure data security. Specifically, it highlights the need for “a process for regularly testing, assessing and evaluating the effectiveness of technical and organisational …

[Continue Reading...]

Top 5 tips to protect you from smishing

Luke Irwin May 5, 2021

Smishing is one of the fastest-growing cyber threats, with as many as 84% of organizations encountering an attack last year, according to a Proofpoint study. The attacks – which are a specific type of phishing conducted over text message – …

[Continue Reading...]

Received a suspicious email? Ask yourself these 3 questions before you click

Luke Irwin April 27, 2021

We know how easy it is to get caught out by scam emails. You may be hurriedly reading through your messages, you may be worried about what will happen if the message turns out to be legitimate and you’ve ignored …

[Continue Reading...]

Does your organization need a privacy policy?

Luke Irwin April 13, 2021

You may have been told that your organization needs a privacy policy if you’re processing people’s personal data. However, did you know this is only the case if you are subject to specific laws? In this blog, we explain the …

[Continue Reading...]

Luke Irwin Archive