These are challenging times, As a gesture of support and goodwill to all those battling to keep us safe URM will donate 25% of any: to go towards the fight against Coronavirus! This will be in the form of donations for much needed medical equipment and NHS staff respite. THIS IS OUR MESSAGE TO YOU Stay […]
URM is delighted to announce that is it the sole organisation able to deliver National Institute of Standards and Technology (NIST) Cybersecurity Professional (NCSP) training courses in England, Scotland and Ireland (both the Republic of Ireland and Southern Ireland). The courses are approved by NIST, a world-leading intelligence, cyber and security agency and accredited by GCHQ […]
URM is increasingly being contacted by clients with questions about Covid-19 planning, specifically, ‘How do we prepare and what should we be considering?’ In response to this, URM has developed a half-day facilitated workshop which we can deliver onsite at your premises or remotely if you prefer. The workshop, facilitated by one of URM’s senior consultants, […]
In an unprecedented move, the Payment Card Industry Security Standards Council (PCI SSC) is allowing fully remote assessments. PCI SSC has always made it clear that it intends for on-site testing to be the norm, with the majority of PCI DSS assessment testing completed at the client’s physical location. In a blog published yesterday, however, Tony […]
17th February 2016 Specialists in information security, risk management and business continuity; URM is the first training provider to gain GCHQ certification for an ISO 27001 training course. The certification was awarded by APMG International, GCHQ’s independent certification body responsible for ensuring training providers match GCHQ’s high standards. GCT (GCHQ Certified Training), formerly known as […]
In November 2014 CESG, the information security arm of GCHQ, launched a certified training (CCT) scheme to set a benchmark for certifying cyber and information security training. As of 1 January 2016, this scheme was rebranded as GCHQ Certified Training (GCT). The aim of the scheme remains the same, i.e. to help organisations navigate the […]
On 15 April 2015, an updated version of the Payment Card Industry Data Security Standard (PCI DSS v3.1) was released by the PCI Security Standards Council (PCI SSC). Whilst there are minor updates and clarifications to the Standard, the most significant change addresses vulnerabilities within the Secure Sockets Layer (SSL) encryption protocol that can put […]
A UK travel company, Think W3 Limited, has been fined £150,000 by the Information Commissioner’s Office (ICO) for leaking more than 1,000,000 credit card records. A customer database was designed for ‘Internal Use’ but published on the main server with an authentication page and “secret URL”. However, it didn’t take long for hackers to realise […]
The EU (European Parliament) has cemented the strong support previously given at committee level to the European Commission’s data protection reform (MEMO/13/923 and MEMO/14/60) by voting in favour of reform. The data protection reform will ensure more effective control of people over their personal data, and make it easier for businesses to operate and innovate […]