How to ensure your international data transfers are lawful
Welcome to this week’s Security Spotlight, in which we shine a light on:
Blog | GDPR: international data transfers using the IDTA, SCCs or BCRs
The UK and EU GDPR (General Data Protection Regulation) restrict transfers of personal data outside the UK and EU respectively.
Consequently, you must put an appropriate mechanism or safeguard in place to transfer personal data internationally, such as:
This blog, by GRCI Law’s Natalie Whitney, takes a closer look at these mechanisms, and when and how to use them.
Blog | 7 steps to prepare for PCI DSS audit success
Organizations that process, transmit and/or store cardholder data or SAD (sensitive authentication data), or can affect their security, must comply with the PCI DSS (Payment Card Industry Data Security Standard).
The more transactions you process, the more likely you need to be audited by a qualified external auditor – a QSA.
If you’ve recently experienced a breach and were subject to a PCI forensic investigation, you’re also more likely to need to bring in a QSA.
Sujith Parambath, our head of PCI and Cloud consulting services, explains how to ensure your audit is successful.
Blog | How can organizations transition to ISO 27001:2022?
Organizations with ISO/IEC 27001:2013 certification must transition to ISO/IEC 27001:2022 by 31 October 2025.
The biggest change for organizations is Annex A, which has been overhauled and includes 11 new controls.
How can organizations best approach this new control set? What changes to the main clauses of the Standard tend to get overlooked? And what are common mistakes to avoid when transitioning?
Our head of GRC (governance, risk and compliance) consultancy, Damian Garcia, explains.
Free case study | Air Ambulance Charity Kent Surrey Sussex
Download our case study with Air Ambulance Charity Kent Surrey Sussex to understand how a thoughtful approach to data protection compliance has enabled its team to innovate in an extremely regulated industry.
Find out how our bespoke consultancy service can be the perfect, flexible solution for organizations that require extra support for a wide range of data protection-related projects.
Free paper | General Data Protection Regulation (GDPR) – A compliance guide for the US
The EU’s GDPR heralds the most significant change to data protection law in Europe – and globally – in recent years. Every organization that processes EU residents’ personal information must comply with the Regulation, including organizations in the US.
Download this free green paper to receive compliance advice from the GDPR experts and understand the core elements of the Regulation that are subject to the higher-tier fines, and what you need to do to comply with them.
The guide covers:
Free paper | The Data Protection Officer (DPO) Role – A beginner’s guide
The GDPR requires many organizations to appoint a DPO. Are you one of them? Find out what a DPO does, whether you need to appoint one, and how to fill the role in this easy-to-read guide.
This guide explains:
Free webinar | Start strong: leveraging your experience to start a career in data protection and privacy
If you have some responsibility for data protection, could you do more? Is this a specialism and a career path worth investing in? Whether you’re transitioning from compliance, law, HR, IT or another field, this webinar is designed to help you leverage your existing experience and gain the skills needed to launch a successful career in privacy.
Join us for practical guidance on the knowledge, certifications and career pathways that can position you as a valuable asset in this growing field.
Thursday, 20 February, 15:00 – 16:00 (GMT)
Free webinar | Start strong: how to launch or transition into a career in cyber security
If you are starting out, have IT experience without certifications, credentials without hands-on experience, or are transitioning from another industry, this webinar will help you bridge the gap and position yourself for success in this dynamic field.
Join us to learn the steps to build your profile, understand skills and qualifications employers value, and explore proven pathways to start your cyber security career.
Thursday, 27 February, 15:00 – 16:00 (GMT)
Set your organization up for success
This year brings many new challenges, including:
Whatever 2025 brings, at least you can control your cyber risks. If you’ve put off major projects because of recent challenges, now is the time to revisit them and implement the actions necessary to help your organization thrive.
Speak to an expert
With 20+ years’ experience in information security and data privacy, we understand risk management.
Our experts have implemented security and compliance programs for hundreds of organizations across a multitude of industries in both the private and public sectors.
New to the world of information security and data privacy, and need advice on how to get started?
Or updating an existing programme?
Our experts are here to help.
Get in touch