Industry News

  • URM awarded GCHQ-certification for ISO 27001 training course

    17th February 2016 Specialists in information security, risk management and business continuity; URM is the first training provider to gain GCHQ certification for an ISO 27001 training course. The certification was awarded by APMG International, GCHQ’s independent certification body responsible for ensuring training providers match GCHQ’s high standards. GCT (GCHQ Certified Training), formerly known as […]

  • GCHQ Certified Training Rebranded

    In November 2014 CESG, the information security arm of GCHQ, launched a certified training (CCT) scheme to set a benchmark for certifying cyber and information security training. As of 1 January 2016, this scheme was rebranded as GCHQ Certified Training (GCT). The aim of the scheme remains the same, i.e. to help organisations navigate the […]

  • Revision to PCI DSS (3.1) Published to Address SSL Vulnerabilities

    On 15 April 2015, an updated version of the Payment Card Industry Data Security Standard (PCI DSS v3.1) was released by the PCI Security Standards Council (PCI SSC).  Whilst there are minor updates and clarifications to the Standard, the most significant change addresses vulnerabilities within the Secure Sockets Layer (SSL) encryption protocol that can put […]

  • UK Travel Company Fined After Losing 1,000,000 Credit Card Details

    A UK travel company, Think W3 Limited, has been fined £150,000 by the Information Commissioner’s Office (ICO) for leaking more than 1,000,000 credit card records. A customer database was designed for ‘Internal Use’ but published on the main server with an authentication page and “secret URL”. However, it didn’t take long for hackers to realise […]

  • Progress on EU Data Protection Reform Now Irreversible Following European Parliament Vote

    The EU (European Parliament) has cemented the strong support previously given at committee level to the European Commission’s data protection reform (MEMO/13/923 and MEMO/14/60) by voting in favour of reform. The data protection reform will ensure more effective control of people over their personal data, and make it easier for businesses to operate and innovate […]

  • BT Investigated over Email Data

    BT is being investigated by the UK’s data authority after a whistleblower claimed the company “exposed user credentials en masse”. BT is moving seven million customers to its new email service, away from Yahoo. It is understood that vulnerabilities were discovered while the new email system was in its testing phase last year, and that […]

  • British Pregnancy Advice Service (BPAS) fined £200,000 following data breach

    The British Pregnancy Advice Service (BPAS), a charity that offers help and advice to women considering a termination of pregnancy, has been served a £200,000 penalty following the data breach that revealed almost 10,000 users’ details to a hacker. The hacker, James Jeffery (previously jailed for 32 months in April 2012 for hacking the same […]

  • Head of Europol Warns Against Public wi-fi Networks

    Head of Europol’s cybercrime centre (Troels Oerting), has issued a warning that people should send personal data only across networks that they trust. He said the warning was motivated by the growing number of attacks being carried out via public wi-fi, “We have seen an increase in the misuse of wi-fi, in order to steal […]

  • URM supports UK’s first transition to ISO 27001:2013

    URM is delighted to announce that with URM’s support, Telstra Global EMEA has become the first organisation in the UK to be recommended for accredited transition to ISO 27001:2013 by its certification body. This reflects the hard work and dedication of the Telstra Global EMEA team, that quickly realised the benefits of transitioning to the new […]

  • The ICO begins public consultation on new guidance on data protection and the media

    The ICO has begun its public consultation on new guidance on data protection and the media. The draft guidance has been developed following Lord Justice Leveson’s recommendation that the Information Commissioner develops specific and comprehensive guidance on the application of the Data Protection Act to the press. The deadline for responses to the consultation on […]