Luke Irwin Archive
The GDPR (General Data Protection Regulation) isn’t only about preventing data breaches (it’s equally focused on strengthening data subjects’ rights), but organisations have understandably honed in on the importance of effective data protection. Both objectives have clear benefits for organisations, but the …
Cyber attacks are an increasingly serious risk for organizations, but many senior staff seem to believe that their organization won’t be targeted. They might say that their organization is too small to be on attackers’ radars, or that they don’t …
On one of IT Governance’s EU General Data Protection Regulation (GDPR) training courses last year, a delegate from a well-known financial services company asked: I’ve just come on the course to understand how the GDPR works. Why do I need …
Whenever organizations seek certification, they rely on the good judgment of auditors. Most of the time that’s fine, but sometimes auditors pick up bad habits and make poor decisions. If you’re an auditor or an organization that’s being audited, you …
If you’re trying to advance your cybersecurity career, there’s good news. A report from job listings site Indeed found that the number of advertised cybersecurity jobs increased by 3.5% between March 2017 and March 2018. The report also lists the …
Many people mistakenly think that information security is all about technology. It obviously plays a massive part in any organization’s security measures, but technology alone can’t protect you from modern cyber threats. Rather, it forms one of three pillars on …
Information security policies are essential for tackling organizations’ biggest weakness: their employees. Everything an organization does to stay secure, from implementing state-of-the-art technological defences to sophisticated physical barriers, relies on people using them properly. It only takes one employee opening a phishing …
Just months earlier, the attorney generals from all U.S. states announced that California-based Uber was hit with a $148 million fine for failing to report a 2016 data breach. Now, the UK’s ICO (Information Commissioner’s Office) has fined Uber £385,000 …
Law firms arguably hold more sensitive data than any other type of business. After all, it’s not only their corporate data they need to account for, but also that of their clients. Files and servers contain intellectual property information, financial …
A version of this blog was originally published on April 24 2018. Although the EU GDPR (General Data Protection Regulation) is now in effect, many organizations are still working towards compliance. One part of the Regulation tripping people up is …
