August 2019

  • URM changes its name!

    Since 2005, URM has provided consultancy and related services in the areas of information security, data protection, business continuity and risk management.  and through our branding we are predominately known as URM and, as such, have changed our registered name from Ultima Risk Management Limited to URM Consulting Services Limited. The change of name was in […]

  • passwords management, passwords, security, cyber security, cyber, security , information security , isms, infosec, iso, sio27001, international standards, iso22301, breach

    Tips from URM – Password management – What is best practice?

    One of the long-held beliefs underpinning many a password policy is that forcing a regular password change is a good thing.  After all, by changing our passwords on a regular basis we might be able to stop an attacker taking advantage of a password they may have discovered.   However, by forcing users to change […]

  • Monzo Bank tells customers to change their PINs after security, pci dss, card security monzo bank pin security infosec information security

    To store or not to store? That is the multimillion-dollar (fine) question.

    This week’s blog tackles the question of storing cardholder data and why the Payment Card Industry Data Security Standard (PCI DSS) is so beneficial. Fundamentally, it is very clear on this topic – if you don’t need it, don’t store it.  Furthermore, if you do need it, make sure that you know everywhere it is […]

  • Importance of ISO 27001 internal audit, interna audit, audit, urm, URM, ISO 27001, InformationSecurity, Infosec, Infosecurity, International standard, ISO

    Importance of ISO 27001 internal audits

    Definition With this week’s blog, the spotlight turns to internal audit and specifically in the context of ISO 27001, the International Standard for Information Security Management. We will step right back and look at internal auditing from the perspective of those new to the subject or those trying to understand where and why it fits. […]

  • Security breach - how do we protect ourselves?, URM, cyber security, security, information security , breach, control, infosec, infosecurity, protection, pentest, iso 27001

    Tips from URM – Security breaches – how do we protect ourselves?

    In recent weeks the news has, once again, been peppered with high-profile information security breaches. Many of us find ourselves asking, how do we avoid hitting the headlines for wrong reasons?  This week’s top tip looks at where to start. Avoiding security breaches is not the responsibility of a single individual, irrespective or technical ability, […]

  • Data Protection | Management System Standards | Which is best for me? GDPR ISO 27001 , information security, infosec

    Data Protection and Management System Standards – Which is best for me?

    A question we are increasingly asked is ‘Is there a catch-all international standard that effectively proves external verification of data protection compliance?’  It would be great if the answer to that question was a simple yes, but currently, despite some disingenuous marketing to the contrary, there is no official GDPR certification either centrally or from […]