Vigilant Software Blog
Information security is becoming an increasingly important part of business. The average cost of a data breach rose to $4.24 million (about £3.1 million) last year, according to a Ponemon Institute study, demonstrating the severity of the problem. To mitigate …
Organisations that are looking to improve their information security posture are probably familiar with ISO 27001. It’s the international standard that describes best practice for an ISMS (information security management system), and it provides a framework for implementing appropriate processes …
Cyber security is an issue that’s more important now than ever. According to a report by CyberEdge, 82% of organisations in the UK have faced a cyber attack in the past two years. This isn’t a threat that only faces …
Data breaches are one of the biggest threat to organisations today. They can bring operations to a grinding halt, drastically damage your reputation and your relationship with customers, and cause severe financial losses from lost sales, remediation and repair costs, …
Information security risk assessments help organisations understand the threats they face and the treatment options they should consider. The assessment should be performed regularly – either once a year or whenever there are significant organisational changes – because the threat …
A centralised cyber security risk register is a document that includes information about an organisation’s threat environment. It contains information on potential cyber security risks, and usually acts as evidence that an organisation has implemented an ISMS (information security management …
One of the core aspects of an information security risk assessment is to identify the threats your organisation faces. We recommend that you follow the best practices outlined in ISO 27001 when doing this. The international standard provides a framework …
A data flow is the transfer of information from one location to another – for example, from suppliers and sub-suppliers through to customers. It’s essential that organisations map these flows in order for them to keep data secure and meet …
For all the attention that organisations pay to their ISO 27001 risk assessment, it’s worth remembering that there’s an additional step afterwards – risk treatment. This is where you take the risks that you’ve identified and decide how to deal …
If organisations are to protect their sensitive data, they need to understand the three core components of information security: threat, vulnerability and risk. Those unfamiliar with the technicalities of information security might assume that these terms are interchangeable, but that’s …
