Subject to approval from the European Parliament, the UK will formally leave the EU on 31 January with a withdrawal deal and will enter a transition period until 31 December 2020. With this in mind, where does that leave the UK from a data protection perspective and what steps, if any, do organisations need to […]
When Windows 7 was released on 22 October 2009, Microsoft committed to support this operating system for 10 years. The decade of support ends today and, as a result, Microsoft will no longer issue software updates via Window Update. Naturally, Microsoft has been urging Windows 7 users to upgrade their operating systems (OS) to […]
This week’s blog looks at software asset management (SAM). URM has been involved in delivering classroom-based training on SAM for 14 years and with a new syllabus being released by the BCS reflecting current challenges and disciplines, we thought it was the ideal time to provide our perspective on SAM. In particular, we want to […]
So, the new year had barely begun, when news of another ransomware attack broke (https://www.bbc.com/news/technology-50972890). This time, a US military base was compromised but there was a very familiar storyline with officials reporting that they believed the ransomware was sent in a malicious email link, clicked by an employee. For those of you who are not familiar with this specific type of malicious software, […]
This week’s blog takes a look at data protection officers (DPOs) and considers when to look in-house and when a virtual, external resource or hybrid resource may be a better option. So, let’s start by considering the requirement for a DPO. Under Article 37 of the General Data Protection Regulation (GDPR), certain organisations are required […]
With Christmas just around the corner, this is one of the busiest times of the year for many businesses, and particularly PCI DSS compliant organisations. It will be of no surprise to anyone that the number of card transactions being processed at this time of year increases dramatically. With the increase in the volume of […]
In a previous blog, we looked at the importance of an organisation establishing a tried and tested subject access request (SAR) response process. Having a well-drilled team following a clearly defined process is all well and good but will be largely redundant if SARs received across the organisation are not getting through to your dedicated individual […]
Following the publication of various draft versions of the Standard, BS EN ISO 22301:2019 was released last week. In this week’s Blog, URM provides you with its analysis of 5 key differences from the 2012 version of this International Standard for Business Continuity Management Systems. • The 2019 edition is significantly less detailed and prescriptive than […]
In 2002 when URM first started to develop and deliver information security, business continuity and risk management courses, the demise of classroom training was being strongly predicted in favour of computer-based, self-study training. Despite the doom-mongers’ predictions, 17 years later face-to-face training is still going strong. In some ways, you could argue the continuing demand for […]
Introduction Due to the increased use of information technologies and the ‘human’ involvement (both malicious, accidental and incompetent!), it is inevitable we are all going to face more and more information security incidents in the future. The challenge for all of us is minimising the likelihood of an incident occurring and also preparing for the […]