Data Privacy, Compliance & Risk Monthly Round-Up
The Data Privacy, Compliance and Risk monthly newsletter from ISMS.online – February 2024

We’re back with our monthly round-up of all the critical news, headlines, blogs and resources covering information security risk, compliance and data privacy.

As we settle into 2024, the information security, risk and compliance landscape has never been more complex, more integral to business success, nor more in the headlines. We want to help every organisation achieve simple, secure and sustainable security and hope this newsletter is the first of many positive steps for you towards that goal.


Latest Blogs

What Does the Australian Cyber Security Strategy Mean for Your Business?

The Australian government's new Cyber Security Strategy is a huge document with big implications for local businesses and critical infrastructure providers. Phil Muncaster breaks it all down for you.

Californian Regulator Tweaks and Clarifies Privacy Rules

Changes to California’s landmark CCPA privacy regulations are coming following a milestone in December for the state’s data protection watchdog. Danny Bradbury unpacks the latest revisions.

What Are the EU’s New EAR Information Security Rules for Aviation?

Sweeping new EU cybersecurity rules for the aviation sector were published last October. Organisations have until October 2025 or February 2026 to comply, depending on how they are classed. John Leyden breaks down everything you need to know.

Get Ready for a New UK Datacentre Security Regulation

Data contributed 7% to the UK GDP in 2022. However, cyber-attacks and extreme weather threats could imperil that significant contribution to the economy. That’s why the government is set to introduce a new regulation for third-party co-location/co-hosting data centres. Phil Muncaster explores.

Why a New Legal Ruling Could Intensify GDPR Compliance

Nicholas Fearn explores a recent ECJ ruling in December which could significantly impact GDPR compliance across the region and looks at best practice actions businesses should take now.

The WEF Global Risks Report 2024: Key Takeaways

Cyber “insecurity” is now one of the top four global risks facing organisations, according to the latest WEF study. Phil Muncaster explores the World Economic Forum Global Risks Report in more detail.


Latest News

NCSC warns CNI operators over ‘living-off-the-land’ attacks

Malicious, state-backed actors may well be lurking in the UK’s most critical networks right now, and their operators may not even know until it is too late, warn the NCSC and its partners. > Read here

Fraudsters use deepfake technology to trick employee into paying millions

Worker reportedly realised it was scam only a week later upon inquiring with the company’s headquarters. > Read here

FTC orders Blackbaud to delete unnecessary consumer data

The FTC has ordered Blackbaud to delete any unnecessary personal data it holds, in the latest fallout stemming from the software provider’s 2020 ransomware attack. > Read here

Security executives slam Microsoft over latest breach

Criticisms about Microsoft's breach include the lack of multifactor authentication on the targeted account and the company's approach to disclosing information about the attack. > Read here

Dutch watchdog fines Uber 10 million euros over privacy regulations infringement

The Dutch data protection authority (DPA) on Wednesday fined Uber 10 million euros ($11 million) for infringement of privacy regulations regarding its drivers' personal data. > Read here

LockBit Infrastructure Disrupted by Global Law Enforcers

Notorious ransomware gang LockBit has been taken down by a global law enforcement operation. > Read here


Free Resources

Get Ready for the Digital Operational Resilience Act

With just 12 months left to achieve compliance with the Digital Operational Resilience Act (DORA), John Leyden breaks down everything you need to know in his blog, and we've created a handy 15-step checklist to help get you on your way to compliance. > Access Here

Mapping the PCI-DSS v4 Framework to the Updated ISO 27001:2022

Staying ahead in the cybersecurity game isn't just about meeting standards—it's about strategic innovation. Our latest guide does just that, mapping the PCI-DSS v4 standard with the updated ISO 27001:2022 framework to provide a roadmap for financial and e-commerce organisations to achieve concurrent compliance. > Download Here

Getting Started With NIS 2

With nine months left for businesses to ensure they align with NIS 2 requirements, we've created a structured approach to seamlessly integrate these changes into your operations and achieve compliance in our comprehensive yet easy-to-follow guide. Download Now


Your Compliance Success Story Starts Here

If you're looking to start your journey to better information security and data privacy management, we can help.

Our ISMS SaaS platform enables a simple, secure and sustainable approach to information management with ISO 27001, SOC 2, NIST and over 100 other frameworks. Unlock your competitive advantage today.

