Human error is one of the biggest security threats that organisations face, but you wouldn’t know that based on the lack of resources dedicated to preventing it. According to Verizon’s 2021 Data Breaches Investigations Report, 85% of data breaches involved …
The ISO 9000 family of QMS (quality management systems) is a set of standards that help organisations meet their contractual arrangements with customers regarding products and services. At the forefront of this is ISO 9001, which contains the requirements that …
Organisations don’t like to consider the possibility that their employees accept bribes. We often think of it as something that only happens at multinationals or governments, but corruption exists in all industries, and it has huge consequences. The World Bank …
Many organisations believe that business continuity and cyber security are distinct processes with separate aims. In other words, they view cyber security is what you do to prevent a cyber attack and business continuity as what you do after a …
Social engineering is a term used to describe the ways in which fraudsters manipulate people into performing certain actions. In an information security context, it refers to the tactics used to trick people into handing over sensitive information or exposing …
Social engineering – in which criminals manipulate users into compromising their security – is a major problem. This blog gives five ways to reduce the risk.
The UK charity Mermaids has received a £25,000 fine from the ICO (Information Commissioner’s Office) after an internal error led to a widescale data breach.
Tabnabbing is a type of phishing attack like no other. It doesn’t come with the tell-tale signs of a scam email and works within your browser. Do you know what to look for?
Phishing staff awareness is a core requirement of information security training. But with so many courses out there, it’s hard to know which one to choose. We help you make that decision in this blog, outlining five things you should …
Ely, United Kingdom, 29 July 2019 – GRC eLearning, a leading provider of staff awareness e-learning courses focused on cyber compliance and data privacy, is pleased to announce that it has become a Government Certified Training (GCT) provider for its …
