Yearly Archives: 2017

GDPR: Do you really need a Data Protection Officer (DPO)?

GDPR Data Protection Officer image

 

 

 

 

 

 

 

 

By now you’ll have heard that there’s huge change coming to European data protection law. The EU General Data Protection Regulation (GDPR) comes into force on 25th May 2018, replacing the Data Protection Act 1998 (DPA).

So, you’ve started doing your research as you prepare for GDPR – and you’ve noticed that the requirement to appoint a Data Protection Officer (DPO) is a feature of many articles. The DPO will play a key role in ensuring compliance with GDPR – but it’s not immediately obvious what is involved.

That’s why this article looks at what the role entails, the skill sets required and cuts through some of the confusion we’ve noticed. For example, what exactly is a DPO and does every organisation actually need to appoint one? Continue reading “GDPR: Do you really need a Data Protection Officer (DPO)?” »

avatar

Ben Wheeler

Ascentor marketing and content editor.

More Posts

Share

Convince your board – cyber attack prevention is better than cure

Cyber attack ahead

 

 

 

 

 

 

 

 

There is a recurring message in many of the surveys about cyber security. It’s broadly this: a high number of businesses say that cyber security is an important issue – but a low number report any evidence of actually doing something about it.

The latest Cyber Security Breach Survey 2017 illustrates this perfectly. IPSOS MORI interviewed 1,523 UK businesses. In 74% of cases the directors or senior management said that cyber security is a high priority but only 20% currently provide staff with cyber security training – and only 33% have any formal policies in place. Continue reading “Convince your board – cyber attack prevention is better than cure” »

avatar

Ben Wheeler

Ascentor marketing and content editor.

More Posts

Share

Ransomware attacks – don’t let them happen to you

 

 

 

 

 

 

 

 

 

The BBC has reported there could be further ransomware attacks this week, following the global cyber-attack that saw 48 NHS Trusts, Hospitals and GPs’ surgeries become its most high profile victims.

It has taken an attack on an institution that serves to protect lives to propel ransomware onto our TV screens and newspapers – but ransomware has been around for some time and it doesn’t just target organisations the size of the NHS.

This article briefly covers what ransomware is, what happened in the attack and offers advice on how to protect your own systems – whether you are a large organisation, an SME or a solo business/operator running a single computer. Continue reading “Ransomware attacks – don’t let them happen to you” »

avatar

Ben Wheeler

Ascentor marketing and content editor.

More Posts

Share

Why basic cyber security could save you a lot of wonga

Wonga cyber attack

 

 

 

 

 

 

 

Another week, another embarrassing cyber attack. This time it’s payday lenders Wonga who are the latest high profile business to fall victim to hackers with reports suggesting 270,000 customers’ details have been stolen (of which 245,000 are in the UK) – including the last four digits of bank cards.

For a business named after the slang for money, it’s ironic that, when the dust settles – the attack may cost them a tidy sum of their own wonga – just as it did for TalkTalk. Continue reading “Why basic cyber security could save you a lot of wonga” »

avatar

Ben Wheeler

Ascentor marketing and content editor.

More Posts

Share

Ten steps to GDPR compliance

Ten steps to GDPR compliance

 

 

 

 

 

 

 

 

In our previous blog we discussed the four key areas of the General Data Protection Regulation (GDPR) and asked ‘What does it really mean for your organisation?’ With a looming launch date of 25th May 2018, our closing advice was “don’t leave it to the last minute or chance.”

Although GDPR is a huge data management undertaking, compliance needn’t be an insurmountable challenge. So, in this article we’ve summarised the steps an organisation needs to consider to ensure it does comply. Continue reading “Ten steps to GDPR compliance” »

avatar

Paddy Keating

Director and Government Service Manager at Ascentor

More Posts

Follow Me:
Twitter

Share

GDPR: What does it really mean for your organisation?

GDPR

 

 

 

 

 

 

 

 

25th May 2018 sees the indoctrination of the General Data Protection Regulation (GDPR) courtesy of the European Union. While eagerly anticipated by some organisations, for many the daunting reality of the changes GDPR brings is rapidly setting in.

There might have been a brief period of post Brexit vote uncertainty about GDPR – but it will go ahead as planned. In the world of data management, it’s time to smell the coffee. Continue reading “GDPR: What does it really mean for your organisation?” »

avatar

Paddy Keating

Director and Government Service Manager at Ascentor

More Posts

Follow Me:
Twitter

Share

How to manage Building Information Modelling (BIM) implementation – Part 2 of 2

Building Information Management (BIM) image

 

 

 

 

 

 

 

 

In our first article on Building Information Modelling (BIM), we looked at what BIM is and the types of data at risk in building projects. We discussed the threat to digital information and why cyber security needs to be an integral part of construction and refurbishment projects.

In part two we look at the process itself – how to manage BIM implementation and why managing the risks to building information doesn’t stop at the end of the build. Continue reading “How to manage Building Information Modelling (BIM) implementation – Part 2 of 2” »

avatar

Steve Maddison

Director and Principal Consultant

More Posts

Share

An introduction to Building Information Modelling (BIM) – Part 1 of 2

Building Information Modelling

 

 

 

 

 

 

 

 

If you run your own construction business or manage large building projects, you will know about the many professions and trades that need to come together to contribute to a modern building or refurbishment. But does information risk and cyber security come into your thinking? If not, it should.

Such projects require detailed information to be transferred between partners such as designers and architects at the planning stage, followed by the construction teams.  A variety of software tools are available to support this process such as 3D modelling packages, CAD software and project management tools.

All of this generates large volumes of data that must be accurate and which has to get to the right people on time. What’s more, it has to be safe from threats – and remain that way. Continue reading “An introduction to Building Information Modelling (BIM) – Part 1 of 2” »

avatar

Steve Maddison

Director and Principal Consultant

More Posts

Share

Ascentor expands capabilities on Digital Outcomes and Specialists 2

Digita

 

 

 

 

 

 

 

 

Public sector organisations, agencies and associated bodies can now buy more Ascentor services through the Digital Outcomes and Specialists (DOS) Framework.

Ascentor’s cyber security and information assurance consultants have a background in government security and extensive experience in a variety of Information Assurance (IA) disciplines. In the second iteration of the DOS framework, Ascentor’s Digital Outcomes capabilities cover a range of security topics – IA certification, policy, threat modelling, risk management, infrastructure reviews and firewall audits. We can also offer project management, and process and system auditing. Continue reading “Ascentor expands capabilities on Digital Outcomes and Specialists 2” »

avatar

Ben Wheeler

Ascentor marketing and content editor.

More Posts

Share

‘Not if but when’ – 2017 UK cyber security in focus

2017-uk-cyber-security

 

 

 

 

 

 

 

 

2017 is Ascentor’s thirteenth year in information risk management. Over the years we’ve helped public and private sector organisations address the challenging landscape of cyber security and information assurance. Each year brings different threats – those we already recognise evolve, others are completely new. At the same time the legislative horizon changes as new standards and regulations come into force.

We started 2017 by quoting a tweet from John Chambers, CEO of Cisco, that is as good as any in describing the challenges of the year ahead. “There are two types of organisation: those that have been hacked & those that don’t know they’ve been hacked.” So, it’s increasingly a case of ‘not if but when’ – and a lot of household-name organisations know how painful that felt last year. Continue reading “‘Not if but when’ – 2017 UK cyber security in focus” »

avatar

Ben Wheeler

Ascentor marketing and content editor.

More Posts

Share
 
Buy Cialis in UK