Carphone Warehouse hit with huge fine for data security breach

10 January 2018

The retailer’s computer systems were compromised following a cyber attack in 2015.

Carphone Warehouse has been fined £400,000 by the Information Commissioner’s Office for what was described as “serious failings” that placed customer and employee data at risk.

The retailer was issued with the penalty after one of its computer systems was compromised as a result of a cyber attack in 2015.

New cyber security service to boost NHS protection

03 January 2018

A new £20m project aims to boost data security across the NHS.

NHS Digital’s Security Operations Centre (SOC) will provide enhanced and ongoing monitoring of national systems and services, and also offer specific guidance to local health and care organisations.

The monitoring service will analyse threat intelligence from multiple sources and share this together with remediation advice.

BSI revises standard for information security risk

03 January 2018

Anne Hayes

BSI has revised BS 7799-3, its guidance standard for information security risk management systems.

Notable changes include conformity to the latest version of ISO 2700, the internationally recognised standard which covers requirements for IT security techniques and infosec management systems.

BS 7799-3 provides guidance on defining, applying, maintaining and evaluating risk management processes in ISO 27001’s infosec context.

UK organisations unprepared for EU financial instruments directive

07 December 2017

There are now fewer than 30 days to go before the legislation comes into force, with tough financial penalties for non-compliance.

The Markets in Financial Instruments Directive (MiFID II) comes into force on 3 January 2018, but 39 per cent of UK financial organisations are unaware whether their organisation is compliant or not, says new research.

MiFID II is EU legislation that regulates firms who provide services to clients linked to ‘financial instruments’ and the venues where those instruments are traded.

Part of the directive states that firms will be obliged to record all communications that are intended to result in a transaction.
