The IT Governance Weekly Round-Up
Welcome to our October 2022 review of phishing attacks, in which we explore the latest email scams and the tactics that cyber criminals use to trick people into handing over personal data. This week, we also look at how organisations can better manage their cyber security, treating it as a continual evaluation and process, rather than a one time exercise, embedding a cyber defence in depth approach to stay one step ahead of the criminal hackers.
Catches of the Month: Phishing Scams for October 2022
Welcome to our October 2022 review of phishing attacks, in which we explore the latest email scams and the tactics that cyber criminals use to trick people into handing over personal data. This month, we look at a social engineering scam targeting an employee at the financial tech firm Revolut, the consequences of that attack, and – in more positive news – Microsoft’s improvements to phishing protection in Windows 11.
How to Manage Your Cyber Risks
One of the most common mistakes that organisations make when addressing cyber security is that they consider it a one-off event. Whether they’re taking small steps, such as installing antivirus software, or large ones, such as a GDPR (General Data Protection Regulation) compliance campaign, they consider it ‘job done’ when the implementation project is complete.
IT Governance Podcast Episode 10: Data protection reform, Easylife fine, Uber conviction and work
This week, we discuss yet more planned changes to UK data protection law, a £1.35 million GDPR fine for “predatory marketing”, the conviction of Uber’s former chief security officer, and a new book about how to establish an enjoyable career.
Retailer Easylife Fined £1.5m for Data Protection Breaches
The Information Commissioner’s Office (ICO) said today that Easylife used the personal information of its customers to target them with health-related products without their consent.
领英推荐
Singtel confirms 2020 data breach after cyber-attack on Optus
Just weeks after Optus revealed that the records of 10 million customers had been compromised in a data breach, its parent company, Singtel, is dealing with two of its own data hacks.
Cyberattacks reported at US airports
Some of the nation's largest airports have been targeted for?cyberattacks?Monday by an attacker within the Russian Federation, a senior official briefed on the situation confirmed to ABC News.
Contractor left Toyota source code exposed for five years
Japanese automaker?Toyota?and its tech subsidiary?Toyota Connected?have been forced to issue an apology after discovering that a contractor had left source code relating to its T-Connect services publicly exposed via?GitHub, putting the personal data of almost 300,000 drivers at risk of compromise.
Free Webinar | Management: The third layer of your cyber-defence-in-depth strategy
Managing cyber security risks requires a more intensive approach than implementing basic security protection. Join us for this 45-minute webinar on Thursday, 30 October hosted by IT Governance Founder and Executive Chairman Alan Calder to find out how to get started. We explain how to embed risk-based security controls, manage the security of supply chains and conduct audits as part of your cyber defence in depth strategy.
Free PDF download: Business Continuity and ISO 22301 – Preparing for disruption
Cyber attacks, natural disasters, power failures, industrial action and human error are all risks that can severely disrupt business operations. Read this green paper to find out how ISO 22301 can help mitigate the damage to your organisation in the event of a disaster.