Training Video – Introduction to GDPR
This Introduction to GDPR training on the European Union General Data Protection Regulation (GDPR) provides a comprehensive overview of the GDPR's key concepts and requirements, its implications across industries, and practical steps to achieve compliance. Watch the Introduction to GDPR video to learn: What GDPR is and how it strengthens the privacy rights of data subjects Who are considered data subjects under GDPR Why is GDPR important and what are the benefits to data subjects and organizations What are the obligations and requirements for Data controllers and Data processors when handling
What is the cost of a data breach?
According to IBM's latest report, the average cost of a data breach in 2023 has surged to $4.45 million. This represents a 2.3% increase compared to the previous year and a 15.3% rise from the figures recorded in 2020. The report highlights the key factors influencing data breach costs. These include: involving law enforcement when handling ransomware incidents the industry in which the breach occurs, with healthcare and financial sectors facing the most significant costs, and the scope of the breach, especially if it affects multiple environments. One of the other insights
Unlock Business Opportunities with ISO 27001:2022 Certification
In our digitally connected era, information security is paramount for organisations. Published by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC), ISO 27001:2022 is an international standard that details the requirements for establishing, implementing, maintaining, and continually improving an Information Security Management System (ISMS). In this series of articles we’ll explore its benefits, limitations, and the latest updates. By Richard Nealon About ISO 27001 I’ve always been a fan of 27001, even before it was born. Back in the early 1990s there were only two publicly available computer security
Navigating the Shift: what changes in PCI DSS 4.0
The Payment Card Industry Data Security Standard (PCI DSS) is a set of security standards designed to ensure that all companies that accept, process, store or transmit credit card information maintain a secure environment. The PCI Security Standards Council (PCI SSC) released the latest version 4.0 of the PCI Data Security Standard (PCI DSS) on 31st of March 2022. This article aims to provide an overview of the changes introduced in PCI DSS 4.0 and offer recommendations for organisations to remain compliant. Why is the Transition Important? Revisions introduced by PCI DSS
Securing the Code: PCI DSS v4.0 Requirement 6.2.2 for Software Developers
The Payment Card Industry Data Security Standard (PCI DSS) is a set of security standards designed to ensure that all companies that accept, process, store, or transmit credit card information maintain a secure environment. PCI DSS v4.0 Requirement 6.2.2 focuses on software security training for development personnel working on bespoke and custom applications. Overview The PCI DSS v4.0 Requirement 6.2.2 mandates that software development personnel must receive training at least once every 12 months. The training should cover the following crucial areas: Software Security Relevant to Their Job Function and Development Languages: Developers
