IT Security

IT and Cyber Security related information

Major new British Standard for Cyber Risk and Resilience [Consultation]

BSI Cyber Risk and Resilience Standards BS 31111A major new British Standard [BS 31111] is in development to help senior executives and risk managers improve their cyber risk management and build the cyber resilience of their organizations.

Over the past year, the BSI Risk Management Committee has been working on developing new guidance that aims to help top executives better understand and manage the technology risks to their organizations.  

Government provides e-learning for SME's on Cyber and Information Security Risk

New Free e-elaerning course to boost cyber risk and information security resources available to SME'sGovernment boosts support for SME business with free Information Assurance e-learning course.

The course has been developed from governments own initiative on information security and the management of related risks across the public sector where over 200,000 people in local and central government have completed the modular course.

Government funding for SME and start up Computer Security

CESG innovation scheme provides £5000 for business cyber risk management The government has extended the Innovation Voucher scheme that supports SMEs, entrepreneurs and early stage start-ups by implementing or improving cyber security.

The scheme provides flexibility and allows firms to choose from a ange of approved suppliers.  Successful applicants will receive up to £5000 from the Innovation Scheme. 

HMG announces Cyber Essentials Scheme

 

 

As part of the UK government's long-term strategy to address the increasing threats around cyber risk HMG has announced its Cyber Essentials Scheme.

Department for Business, Innovation & Skills

The scheme identifies and focuses on five principal areas that businesses of all types and sizes must consider as "the essential" foundation of their cyber security.

Industry Award for the Cyber Essentials scheme

 
Cyber Essentials Scheme
 
The government backed Cyber Essentials scheme has been recognised with the Editors Award from SC Magazine. The scheme was developed by BIS and CESG to help businesses put in place practical measures that have been proven to help protect against cyber risk following an extensive period of industry consultation. 
 

Staples joins the list of hacked retailers

Office supplies firm Staples joins the list of Hacked retailersReports are emerging of another credit card security breach this time concerning the Office supplies firm Staples.
 
They are the latest in a growing list of familiar retail names to have had their security breached.  The breach came to light following the detection of fraud patterns across the North Eastern United States.
 

Another retailer suffers data theft - Morrisons payroll data stolen


Morrisons suffers data theftWm. Morrison, one of the UK's largest supermarket chains, has had the details of more than 100,000 staff stolen. While far fewer people have been affected by this data theft than in others recently reported.
 
The theft covers the payroll records of staff employed by the company and the firm has stated no customer records have been compromised.
 

BIS Cyber Hygiene Profile - CALL FOR REVIEW

BIS CYBER HYGIENE PROFILE DRAFT REVIEW - COMMENTS NEEDEDFeedback is needed from industry on the first draft of the Cyber Hygiene Profile developed by BIS and intended to identify the basic cyber controls that should be present in business.
 
The current draft can be viewed and comments submitted through the BSI’s Draft Review System and the review will close on the 16th March, 2014.

BCS Certificate in Information Security Management Principles CISMP

BCS Certificate in Information Security Management Principles CISMP
 
This five-day course will run week commencing 03/09/2012 in Cardiff City Hall reduced from £2000 to £1175.
 
This course has been commissioned by Cardiff City Council and is being offered to Continuity Forum members, at cost, at the significantly discounted rate of £1175 + VAT. The advertised rate of this course is usually in the region of £2000 + VAT so this presents a fantastic saving for anyone wishing to attend this particular offering.
 
All course materials, the course exam, refreshments and lunch are included. 

Please note places are limited so early booking is advised. The rate may be negotiable for multiple bookings.
 

London Cyber Conference ends, but what next?

 
Business Continuity Forum opinion
London Cyber Conference
2011 
 
 
Over two days the London Cyber Conference 2011 delivered a truly international focal point to examine how our digital world is developing and share what needs to be done to keep the benefits, but remove some of the risks.  
 
With over 700 people from 60 countries there really was a global presence and the issues discussed in the plenary and private sessions clearly communicated the breadth of the challenges being faced in cyberspace.
 

Foreign Secretary William Hague addresses the London Conference on Cyberspace

 
Delegates from around the world gathered in London to debate Cyberspace and its role in the modern world.  The benefits of the 'Net' has helped drive an estimated 21% growth in the economies of countries over the past decade and the newest start-up can now be global at the click of a button.
 
Internet Communications has been revolutionised around the world and has contributed to the developed of vast social networks that cross borders, cultures and interests.  There are now over two billion regular users of the Internet and this is continuing to grow and become ever more mobile as smart devices continue evolve placing the digital world in our hands wherever we are. 
 
With all the opportunities the Net has been a powerful part of the development of communities and business, but there is a darker side.
 

The London Cyberspace Conference

 
International leaders from government and business are meeting in London to discuss cyberspace and how to manage its risks. The UK Foreign Secretary, William Hague, will welcomes participants form around the world including US Secretary of State Hillary Clinton, Swedish Foreign Minister Carl Bildt, and Jimmy Wales, the founder of Wikipedia.
 
Criminals are exploiting the growth of cyberspace. They are using it to extort money, steal identities, ideas and designs, defraud government departments and businesses, as well as exploit the most vulnerable in our societies, particularly children. The annual cost of cyber crime to the global economy could be as much as $1 trillion.

Are rules to tighten over data protection and Business Continuity?

 
In a move that may well impact on all Business Continuity and IT Security departments the European Vice President responsible for Justice is calling for the introduction of rules forcing banks, e.commerce businesses, social networking sites and others who hold confidential data to tell customers as soon as there has been a data security breach.
 
Viviane Reding was previously responsible as an EU member for Information, Society and Media before taking the role of Vice-President of the European Commission, responsible for Justice, Fundamental Rights and Citizenship in February 2010.
 
In a speech centred on the need to bolster online privacy she said "trust in an 'information society' has been damaged by the recent events such as the Sony data breach". Her initiative comes at the end of a long line of data breaches that have affected not just many businesses, but also government departments, including health services and tax offices, around Europe. 
 
Viviane Reding, EU Vice President JusticeTo address the concerns raised by these events the Justice Minister is looking at toughening up data protection rules that are already in place for the telecommunications industry to include immediate notification to the regulator when Data has been compromised.
 
The Commissioner is also reviewing the possibility of introducing an enforcement arm that would be responsible for ensuring compliance with the regulations.   
 
Reding is championing the need for plans to address the digital world and the increasing reliance and embedding if technology into everyday activities. The Minister outlined 5 pillars that were needed to build proper data protection. These are: the right to have data forgotten, transparency, 'privacy by design', making firms and authorities responsible for they handle all data and independent oversight and monitoring.
 
The responsibility to protect data is already enshrined under the EU Charter of Fundamental Rights, but Reding stressed the need for this Charter principles to be supported as the pace of technology change and use brings new risks. 
 
Previous attempts to increase the regulation of Data Protection in business have failed due to the added cost burden and a lack of industry consistency on methods with the result that compliance has been been somewhat watered down. 
 
This time around it may well be different though with the challenge of ensuring business continuity, security and compliance becoming much more important for all organisations.   
 

 

 

 

ISO announce new ICT security standard to improve Business Continuity resilience

ISO security standards and Business Continuity
 
 
The International Standards Organisation (ISO) has released a new set of international guidelines to help protect and ensure the security of information and communication technologies and boost Business Continuity capabilities.
 
ISO/IEC 27031:2011 is aimed at all organisations regardless of their type, size and complexity and it is hoped that through the adoption of the standard greater resilience against hacking, denial of service and malware attacks will be seen.
 

Managing ICT Risks May 11th

 

When you think about risks posed by IT today, your concerns go way beyond what’s happening in the data centre or the IT department. Information and Communications Technology is an essential part of virtually every business process. As a result, managing Technology Risk now means much more than protecting data.  It means protecting the heart of the business itself. 

 

Syndicate content

Business Continuity Forum creating Resilince and security

Creating Continuity... Building Resilience...