Author Archives: Ben Wheeler

Ascentor marketing and content editor.

The Ascentor guide to a cyber safe summer holiday

Summer cyber security

 

 

 

 

 

 

 

 

 

“We’re all going on a summer holiday, no more logins for a week or two…”

Well, not exactly. The holiday season is about to get in full swing, but many of us will be traveling with the same devices we use at home and work – with all the associated security risks.

Using your devices with hotel or airport Wi-Fi? Taking your mobile to the beach? Posting your holiday plans on social media?

What could possibly go wrong? Continue reading “The Ascentor guide to a cyber safe summer holiday” »

avatar

Ben Wheeler

Ascentor marketing and content editor.

More Posts

Share

Preparation makes perfect – how to pass Cyber Essentials PLUS first time

How to pass CE+ first time

 

 

 

 

 

 

 

 

As anyone who’s ever run a race will know, it’s all about the preparation. As the saying goes, ‘if you fail to plan – you plan to fail’. The Government’s Cyber Essentials (CE) scheme is no different, especially at the Cyber Essentials PLUS (CE+) level where more work is involved.

Ascentor is an accredited certification body for CE, licensed by the IASME Consortium. In every case where clients have followed our advice at CE+ level, they’ve passed first time. So, we thought we’d share some of our preparation tips and give an insight into our process. Continue reading “Preparation makes perfect – how to pass Cyber Essentials PLUS first time” »

avatar

Ben Wheeler

Ascentor marketing and content editor.

More Posts

Share

Choosing and managing data processors to comply with GDPR

GDPR choosing and managing data processors

 

 

 

 

 

 

 

Over the past few months, Ascentor has published a series of articles tackling the issues on the typical GDPR to-do list. Our blog post looking at the Data Protection Officer (DPO) proved to be one of our highest read ever, so we’ve decided to look at one of the DPO’s responsibilities – ensuring that the data processor used by the organisation complies with data protection law.

Getting this right will play a big part in avoiding the risks that organisations face when processing personal data. But what goes into considering whether the contractual obligations in place between yourselves and your data processors provide adequate protection to comply with data protection law? Continue reading “Choosing and managing data processors to comply with GDPR” »

avatar

Ben Wheeler

Ascentor marketing and content editor.

More Posts

Share

The NIS Directive explained – compliance and guidance

NIS Directive explained

 

 

 

 

 

 

 

 

The Chinese have just celebrated the start of The Year of the Dog. But for anyone with responsibility for data security in their organisation, it’s very much ‘The Year of Regulation’. You’ll have heard plenty about the General Data Protection Regulation (GDPR), but what about the European Union’s other piece of security legislation, the Network and Information Security (NIS) Directive?

May is going to be a busy month in cyber security, with the NIS Directive being transposed into national law on 9th May, quickly followed by the GDPR on 25th May – as if you needed reminding. Continue reading “The NIS Directive explained – compliance and guidance” »

avatar

Ben Wheeler

Ascentor marketing and content editor.

More Posts

Share

Measuring and understanding cyber security effectiveness – where do you start?

Cyber Security Measurement

 

 

 

 

 

 

 

 

“You can’t manage what you can’t measure.”

Peter Drucker

This classic quote from management guru Peter Drucker is equally applicable to the measurement challenge we face in information security. 

If we can’t (or don’t) measure, how can we identify if we’ve been successful with our security initiatives? For example, is a lack of security incidents an indication of success? If so, how can we demonstrate it? Likewise, without evidence of what is working (and where) – how can we justify often significant security expenditure – or indeed, make effective security decisions?

In this article we’ll take an introductory look at the use of metrics to measure cyber security effectiveness (sometimes also referred to as ‘security maturity’) with dashboards and benchmarking. We will also reference existing frameworks and models and provide links for you to explore in more depth. Continue reading “Measuring and understanding cyber security effectiveness – where do you start?” »

avatar

Ben Wheeler

Ascentor marketing and content editor.

More Posts

Share

What can you do when a patch goes wrong?

 

 

 

 

 

 

 

 

Your systems are updating… and new patches are being installed. In theory, your security is being updated to optimum performance levels – or is it?

In our work as cyber security advisors (including as accredited Cyber Essentials (CE) and Cyber Essentials Plus (CE+) assessors), we carry out a range of technical tests to determine if clients’ systems are adequate to protect them from the vast majority of low level cyber threats. One of these tests covers patch management – a patch being a piece of software designed to update a computer program or its supporting data.

Although meant to fix security vulnerabilities and other bugs, patching can sometimes introduce new problems or, in worst case scenarios, server failure. Whether you are a large organisation or a small or medium enterprise (SME), this can be damaging. So, to help you do what you can to prevent patching problems, we share some of our experiences and offer some prevention tips. Continue reading “What can you do when a patch goes wrong?” »

avatar

Ben Wheeler

Ascentor marketing and content editor.

More Posts

Share

A look back at cyber security in 2017

2017 cyber security year in focus

 

 

 

 

 

 

 

 

If ever there was an article that started with a prediction that came true – it was our very first post of 2017, looking at the year ahead.

We quoted John Chambers, CEO of Cisco who had recently said “There are two types of organisation: those that have been hacked and those that don’t know they’ve been hacked.” We predicted it would increasingly be a case of ‘not if but when’. And, as we all know by now, this year it was very much ‘when’.

So, join us for a look back at some of the cyber security issues and incidents we covered in 2017. Continue reading “A look back at cyber security in 2017” »

avatar

Ben Wheeler

Ascentor marketing and content editor.

More Posts

Share

GDPR: What does the Regulation require when capturing consent?

GDPR: Capturing consent

 

 

 

 

 

 

 

 

The EU General Data Protection Regulation (GDPR) brings with it new requirements for the capture and use of consent to process personal data, along with new puzzles and misconceptions about the requirement for its use for data controllers.

Whilst we await publication of new guidance from the Information Commissioner’s Office on consent, we’re taking a look at the options around consent and the legality of processing data. Continue reading “GDPR: What does the Regulation require when capturing consent?” »

avatar

Ben Wheeler

Ascentor marketing and content editor.

More Posts

Share

The one-stop guide to cyber security advice (Part 2)

 

 

 

 

 

 

 

 

Last month we published the first of a two-part series on the best cyber security guides and articles on the web. It covered advice on educating your employees about cyber security, guidance for the board and tips for small and micro businesses.

The article was written for anyone increasingly concerned about the threat to their data and looking for advice – you can re-visit part-one here.

This month, in part-two, we point our lens at ransomware, the insider threat, guidance for suppliers to HM Government and there’s even a plain English guide to all that cyber security jargon. Continue reading “The one-stop guide to cyber security advice (Part 2)” »

avatar

Ben Wheeler

Ascentor marketing and content editor.

More Posts

Share

The one-stop guide to cyber security advice (Part 1)

Best cyber guides reviewed

 

 

 

 

 

 

 

 

It’s always the big cyber security attacks that steal the headlines, but dig a little deeper and there are everyday stories of hacker inflicted misery – many of which could have been prevented.

So, if you are increasingly concerned about the threat to your own data and are looking for advice, this guide is for you.

It’s part one of a two-part series reviewing the ‘best of’ the many respected sources of cyber security advice available, with some of our most popular articles included. Continue reading “The one-stop guide to cyber security advice (Part 1)” »

avatar

Ben Wheeler

Ascentor marketing and content editor.

More Posts

Share