Latest News

  • Tips from URM – Are you ready for the next power cut?

    Are you ready for the unexpected? Here’s some food for thought. Did you know that:

    ► More than 40% of businesses affected by the Manchester bombing of 1996 went out of business?
    ► Approximately 18,000 businesses ceased to exist following the attacks of September 11 2001
    ► 92 businesses employing 9,500 staff were forced to […]

  • URM changes its name!

    Since 2005, URM has provided consultancy and related services in the areas of information security, data protection, business continuity and risk management. Through our branding we are predominantly known as URM and, as such, we have changed our registered name from Ultima Risk Management Limited to URM Consulting Services Limited. The change of name was in […]

  • Tips from URM – Password management – What is best practice?

    One of the long-held beliefs underpinning many a password policy is that forcing a regular password change is a good thing.  After all, by changing our passwords on a regular basis we might be able to stop an attacker taking advantage of a password they may have discovered.   However, by forcing users to change […]

  • Tips from URM – Security breaches – how do we protect ourselves?

    In recent weeks the news has, once again, been peppered with high-profile information security breaches. Many of us find ourselves asking, how do we avoid hitting the headlines for the wrong reasons? This week’s top tip looks at where to start. Avoiding security breaches is not the responsibility of a single individual, irrespective of technical ability, […]

  • Tips from URM – What dictates which information security controls you should implement?

    The information security controls that all organisations need to implement are heavily dependent  on the information being stored, processed or transmitted and the purpose of the processing.  For example, whilst regular penetration testing may be appropriate for some organisations, it may not be required for others.     This is where risk management kicks in.  Best practice dictates that you need to identify the risks that your organisation faces before proceeding with the implementation of appropriate controls to reduce these risks to a level which is acceptable to your stakeholders.  Risk appetite will typically be defined by directors, shareholders or regulators along with compliance […]

  • Data Transfer – Are Standard Contractual Clauses Sufficient?

    This week’s top tip looks at a very specific area of GDPR – Article 28, to be precise – and data transfer outside of the EEA. One of the ways in which you can legitimise an ex-EEA data transfer is by using the standard contractual clauses (SCCs). Article 28 mandates […]

  • Tips from URM – Quick and simple BC exercises

    In a previous blog we looked at the different types of exercise you can utilise to validate your business continuity approach.  This week’s top tip focuses on the desk check and facilitated discussion.   At the simplest level, within any good business continuity (BC) exercise programme, lie the following two types of exercise:   A […]

  • Tips from URM – Reviewing and Implementing Management Controls

    ICO fines BA £183m. Fines can be levied for administrative and governance failures, not just data security breaches. Are you doing enough in reviewing and implementing appropriate information security and privacy management controls to limit the potential impact to your organisation?

    ICO fines BA £183m. There are enough articles out there regurgitating the news about the BA data breach, which we aren’t going to repeat. For us the message is simple, and let’s make no bones about it: the Commissioner has enhanced powers under DPA 18/GDPR and clearly intends to use them. Prior to this […]