The IT Governance Weekly Round-Up

It’s Data Protection Day on Saturday, an international event designed to promote the public’s awareness of the risks we take when sharing personal information online. You can find out how to get involved in this week’s newsletter, where you can also check out the latest industry news. That includes a report accusing North Korean state-sponsored hackers of a $100 million crypto theft, and a cyber attack against the developers of League of Legends.

What Are You Doing for Data Protection Day?

Data protection is something that affects almost everything that we do. From checking our phones first thing in the morning to logging in at work, from high-street shopping to monitoring our biometric data at the gym, we are constantly handing over our personal information. Although many of us are broadly aware of the risks involved when sharing this data, we don’t fully grasp the ramifications – nor do we realise there are ways we can better protect our personal information. It’s why, for the past sixteen years, 28 January has marked Data Protection Day, an international event designed to raise awareness of online privacy. Continue reading >>

How to Respond to a Cyber Attack

Organisations rightly put a lot of effort into cyber security, but what happens when their defences fail? It’s an essential question in the modern business landscape, because cyber crime is rife and there are countless vulnerabilities to manage. It only takes a single mistake for disaster to strike, and you cannot guarantee your organisation’s safety. According to a UK government report, almost two in five businesses reported a data breach last year. Given this startling fact, it’s clear that cyber security alone isn’t sufficient. You must also know how to respond to a cyber attack. Continue reading >>

IT Governance Podcast 2023-2: Mailchimp, fast food, T-Mobile, ice rinks, iOS update and ISO 27001

This week, we discuss the fallout from the latest Mailchimp breach, a ransomware attack on KFC, Pizza Hut and Taco Bell's parent company, another T-Mobile data breach, an incident affecting Planet Ice, and an update for older Apple devices. We also talk to the ISO 27001 expert Steve Watkins about his new pocket guide to the Standard. Continue reading >>

FBI accuses North Korean government hackers of stealing $100M in Harmony bridge theft

The FBI accused two groups of North Korean government hackers of carrying out last year’s heist of $100 million in crypto stolen from a company that allows users to transfer cryptocurrency from one blockchain to another.

On Monday, the FBI announced that the Lazarus Group and APT38 — two groups linked to the North Korean government by both cybersecurity companies and government agencies — were responsible for the hack against the Horizon bridge, created by the U.S. company Harmony, in June 2022. Continue reading >>

Better late than never: Slovenia last EU Member State to adopt GDPR implementing act

On 15 December 2022, the Slovenian Parliament finally adopted the Data Protection Act (Zakon o varstvu osebnih podatkov, ZVOP-2, "ZVOP-2"), a national law implementing the EU General Data Protection Regulation ("GDPR"). The act had been several years in the making, with the earliest draft released for public consultation back in 2017. Continue reading >>

Free webinar | Cyber Essentials - The 5 key steps to certification

Join us on this live webinar where Alan Calder, the Founder and Executive Chairman of IT Governance, will take you through the five key steps to getting your organisation Cyber Essentials certified, including the controls covered under the scheme, then benefits of certification, and why it is critical to your survival in 2023. Register now >>

Interactive checklist | Cyber-Defence-in-Depth

Identify and close the gaps in your cyber security strategy with our interactive checklist – as well as exclusive discounts of up to 20% off selected services. Take it now >>