The Data Privacy, Compliance and Risk monthly newsletter from ISMS.online – Feb 2025
Data Privacy, Compliance & Risk Monthly Round-Up - ISMS.online

February has been busy with governance, risk, and compliance news, so this month's newsletter is bursting with the latest essential headlines, helpful content, reports and insights to keep you up to date and help your business achieve simple, sustainable and scalable information security.

Read on to learn more about the latest stories that could impact your organisation and access handy resources and timely insights.


Latest Blogs

What The EU's Changes To The Cybersecurity Act Mean For Businesses

New amendments to the Cybersecurity Act (CSA) mandating certification schemes for managed security services require organisations to take key steps to ensure they comply; Nicholas Fearn looks at these changes and how ISO 27001 can help streamline compliance.

Navigating Cyber Complexity in a Risky World: Lessons Learned from WEF

The 2025 World Economic Forum Global Risks Report ranked "cyber espionage and warfare" and "adverse outcomes of AI technologies" on its list of risks to businesses. Phil Muncaster examines the report in full and what organisations can do now to ensure future resilience.

The State of Online Privacy in the UK: Are We Doing Enough?

With increasing consumer awareness and regulatory scrutiny, UK businesses are under pressure to strengthen data privacy protections. Christie Rae explores their challenges and why a unified approach to compliance is essential.

Will the UK's AI Growth Plans Also "Mainline" Cyber Threats?

The UK's AI Opportunities Action Plan aims to drive innovation, but it also raises concerns about cybersecurity risks. Phil Muncaster breaks down the key threats and examines how ISO 42001 can provide a structured approach to secure and ethical AI development.

Hunting RATs: How to Mitigate Remote Access Software Risks

Remote access tools (RATs) help businesses manage IT environments but also create potential entry points for cyber threats. This deep dive explores how organisations can reduce risk by following best practices and implementing frameworks like NIST CSF and ISO 27001.

Future Proof Your Privacy with a Robust and Scalable Compliance Plan

Evolving regulations make data privacy compliance more complex than ever. Christie Rae explores how businesses can use frameworks like ISO 27701 to build a scalable, future-proof approach to compliance.


Latest News

The UK's war on encryption affects all of us

The UK is demanding backdoor access to iCloud users' encrypted backups worldwide. > read more

EU puts out guidance on uses of AI that are banned under its AI Act

The first compliance deadline kicked in a couple of days ago for the European Union's AI Act, a risk-based framework for regulating uses of artificial intelligence — banning a narrow selection of so-called "unacceptable risk" use cases of AI. > read more

WA Government passes innovative Privacy and Responsible Information Sharing regime

The Western Australian Government has passed privacy and responsible information-sharing laws impacting public sector entities and their contracted service providers. > read more

News Corp bans staff from using DeepSeek over 'security and privacy risks'

Rupert Murdoch's publishing and digital real estate business has become one of the largest companies to raise alarms over DeepSeek's use by employees. > read more

Finastra Starts Notifying People Impacted by Recent Data Breach

British fintech giant Finastra last week started sending written notifications to individuals who had their personal information stolen in a data breach. > read more

Shadow AI: How unapproved AI apps are compromising security, and what you can do about it

Security leaders and CISOs are discovering that a growing swarm of shadow AI apps has been compromising their networks, in some cases for over a year. > read more

MGM will pay $45 million to settle data breach lawsuit

The class-action lawsuit covered data breaches in 2019 and 2023 that exposed 37 million customers' information. > read more


Free Resources

Binge The Entire First Season of Phishing For Trouble Now!

All ten episodes of our new podcast series are live, diving into high-profile cybersecurity and compliance incidents to uncover critical lessons and practical tips to help businesses stay secure and resilient. > Listen Now

Upcoming Webinar: Integration Excellence - Connecting ISMS.online with JIRA, ServiceNow, Data Visualisation Tools, and More

Discover how ISMS.online's advanced integrations empower organisations to work smarter, not harder. Through hands-on demonstrations, we'll walk you through connecting ISMS.online with essential tools like JIRA, Slack, and data visualisation platforms to drive efficiency and compliance success. > Register Now

GUIDE: AI Management Made Easy: The No-Stress Guide to ISO 42001

This month, we observed Safer Internet Day, a day to promote the safe, responsible, and positive use of digital technology. As artificial intelligence (AI) technology advances, organisations must ensure the ethical development and implementation of AI systems. Now is the perfect time to start considering your AI compliance and management. Our comprehensive guide offers a deep dive into the fundamental principles of the new AI framework ISO 42001 and practical steps to achieve compliance to unlock effective AI management in your business. > Download Now


Your Compliance Success Story Starts Here

If you're looking to start your journey to better information security and data privacy management, we can help.

Our ISMS SaaS platform enables a simple, secure and sustainable approach to information management with ISO 27001, SOC 2, NIST and over 100 other frameworks. Unlock your competitive advantage today.


Jan-Otto Hansen

We simplify complex solutions in the fight against malicious actors and help you to be ISO 27001, 42001, NIS2, DORA compliant.

1 week

US Cloud at Risk? EU Data Transfers on Shaky Ground

Transatlantic data flows face new uncertainty as the US administration moves to weaken key privacy oversight. The Privacy and Civil Liberties Oversight Board (#PCLOB)—a critical body that helped justify the EU-US Transatlantic Data Privacy Framework (#TADPF)—is now barely functional after recent leadership changes. Without PCLOB, the EU’s argument that US companies like Microsoft, Google, Amazon, and Meta provide “adequate” data protection is at risk. If the European Commission reassesses the situation, it may have no choice but to revoke TADPF, making data transfers to US cloud providers legally questionable under #GDPR.

Beyond privacy concerns, this development has serious implications for compliance with both #DORA (Digital Operational Resilience Act) and #NIS2 (Network and Information Security Directive 2), both of which impose strict Third-Party Risk Management (#TPRM) requirements.

Our partners can simplify your complexity! Do not hesitate to contact us.
