Looking back on 6 years of the GDPR

Welcome to this week’s Security Spotlight, where we shine a light on:

· 6 years of the GDPR – expert insight from Loredana Tassone
· The key differences between Cyber Essentials and ISO 27001
· Physical security and ISO 27001
· The demise of the DPDI Bill and next steps for data protection in the UK
· How to create an AI policy
· Today’s webinar on ISO 27001 certification
· Our upcoming Europrivacy webinar

Dr Loredana Tassone on 6 years of the GDPR

On 25 May 2024, the GDPR turned six.

Since its enforcement, the GDPR has become the core global standard for protecting personal data.

We talked to GRCI Law’s managing consultant, Dr Loredana Tassone, about:

· Key GDPR achievements
· The Regulation’s shortcomings
· How those shortcomings are being addressed
· How organisations can maintain GDPR compliance
· What organisations should know about the EU–US Data Privacy Framework
· How the EU GDPR and data protection and privacy will likely evolve

Read the full interview

Ashley Brett on the key differences between Cyber Essentials and ISO 27001

Unsure whether to pursue Cyber Essentials or ISO 27001?

This interview is for you.

We asked our cyber security assessor Ashley Brett about:

· Cyber Essentials misconceptions
· Benefits of Cyber Essentials and ISO 27001
· The differences between the two frameworks
· Which framework suits smaller organisations better
· How to prepare for implementation

Read the full interview

Matthew Peers on ISO 27001 and physical security

When we hear the term ‘information security’ – or, for that matter, ‘ISO 27001’ – our thoughts usually turn straight to cyber security.

However, physical security is also an important aspect of information and data security. In fact, in the 2022 versions of ISO 27001 and ISO 27002, ‘physical’ is one of just four control themes.

Matthew Peers, a GRC consultant with a background in the British Army Intelligence Corps, shares:

· Why ‘physical’ is a separate control theme
· Physical (and logical) access controls and visitor policies
· Why physical security monitoring needed a new Annex A control
· The benefits and drawbacks of CCTV as a preventive and detective measure
· Key considerations around building security – even if you’re a small organisation
· How to remotely audit physical security
· Remote-working tips

Read the full interview

New blog: The DPDI Bill is dead

The dissolution of parliament on 30 May before the UK General Election heralded the demise of the DPDI Bill. What happens now for data privacy in the UK?

Read more

How to create an AI policy

For all its benefits, adopting AI technology comes with challenges – such as ensuring the accuracy of AI-generated information, maintaining the quality of AI outputs and addressing ethical concerns.

That’s where a well-thought-out AI policy comes into play. This type of policy prepares your organisation to thrive in the rapidly evolving AI landscape.

Read more

Free webinar: FastTrack ISO 27001 Certification – Compliance and Continual Improvement

Today, 3:00 pm (BST)

This webinar focuses on how you can achieve ISO 27001 certification within 6 months.

It’ll also explore how to maintain momentum to continually improve your ISMS.

ISO 27001 pioneer Alan Calder will take you through:

· Streamlining the certification process with FastTrack expertise
· Preparing for certification and selecting a certification body
· Developing a checklist to ensure you have evidence of an ISMS in action
· Tips for a successful certification audit and maintaining compliance with ISO 27001:2022
· Strategies for continually improving your ISMS and adapting to changing threats and risks

Register now

Free webinar: Europrivacy Certification: Integrating the GDPR with National Privacy Laws

Thursday, 4 July 2024, 11:00 am (BST)

In today’s globalised economy, organisations operating across European borders face the intricate challenge of complying with the GDPR alongside a mosaic of national data privacy laws.

The Europrivacy™/® certification emerges as a pivotal solution, designed to harmonise GDPR requirements with the diverse legal privacy frameworks of individual European countries.

This webinar, delivered by Alan Calder and Dr Sébastien Ziegler, will cover:

· An introduction to Europrivacy and its significance in the current privacy framework;
· Understanding the intersection of the GDPR with national and local privacy legislation;
· The challenges and advantages for organisations operating in multiple European countries;
· Strategies for using Europrivacy to address diverse regulatory demands; and
· How Europrivacy certification helps unify compliance efforts across borders.

Register now

Speak to a cyber security or data privacy expert

With over 20 years’ experience in cyber security, we understand risk management.

Our experts have implemented cyber security programmes for hundreds of organisations across a multitude of industries in both the private and public sectors.

New to the world of cyber security and need advice on how to get started?

Or updating an existing cyber security programme?

Our cyber security experts are here to help.

Get in touch
