GDPR: What does it really mean for your organisation?










25th May 2018 sees the indoctrination of the General Data Protection Regulation (GDPR) courtesy of the European Union. While eagerly anticipated by some organisations, for many the daunting reality of the changes GDPR brings is rapidly setting in.

There might have been a brief period of post Brexit vote uncertainty about GDPR – but it will go ahead as planned. In the world of data management, it’s time to smell the coffee. Continue reading “GDPR: What does it really mean for your organisation?” »

How to manage Building Information Modelling (BIM) implementation – Part 2 of 2

Building Information Management (BIM) image









In our first article on Building Information Modelling (BIM), we looked at what BIM is and the types of data at risk in building projects. We discussed the threat to digital information and why cyber security needs to be an integral part of construction and refurbishment projects.

In part two we look at the process itself – how to manage BIM implementation and why managing the risks to building information doesn’t stop at the end of the build. Continue reading “How to manage Building Information Modelling (BIM) implementation – Part 2 of 2” »

An introduction to Building Information Modelling (BIM) – Part 1 of 2

Building Information Modelling









If you run your own construction business or manage large building projects, you will know about the many professions and trades that need to come together to contribute to a modern building or refurbishment. But does information risk and cyber security come into your thinking? If not, it should.

Such projects require detailed information to be transferred between partners such as designers and architects at the planning stage, followed by the construction teams.  A variety of software tools are available to support this process such as 3D modelling packages, CAD software and project management tools.

All of this generates large volumes of data that must be accurate and which has to get to the right people on time. What’s more, it has to be safe from threats – and remain that way. Continue reading “An introduction to Building Information Modelling (BIM) – Part 1 of 2” »

Ascentor expands capabilities on Digital Outcomes and Specialists 2










Public sector organisations, agencies and associated bodies can now buy more Ascentor services through the Digital Outcomes and Specialists (DOS) Framework.

Ascentor’s cyber security and information assurance consultants have a background in government security and extensive experience in a variety of Information Assurance (IA) disciplines. In the second iteration of the DOS framework, Ascentor’s Digital Outcomes capabilities cover a range of security topics – IA certification, policy, threat modelling, risk management, infrastructure reviews and firewall audits. We can also offer project management, and process and system auditing. Continue reading “Ascentor expands capabilities on Digital Outcomes and Specialists 2” »

‘Not if but when’ – 2017 UK cyber security in focus










2017 is Ascentor’s thirteenth year in information risk management. Over the years we’ve helped public and private sector organisations address the challenging landscape of cyber security and information assurance. Each year brings different threats – those we already recognise evolve, others are completely new. At the same time the legislative horizon changes as new standards and regulations come into force.

We started 2017 by quoting a tweet from John Chambers, CEO of Cisco, that is as good as any in describing the challenges of the year ahead. “There are two types of organisation: those that have been hacked & those that don’t know they’ve been hacked.” So, it’s increasingly a case of ‘not if but when’ – and a lot of household-name organisations know how painful that felt last year. Continue reading “‘Not if but when’ – 2017 UK cyber security in focus” »

The UK Cyber Security Strategy 2016-2021 – A New Sheriff in Town?

UK cyber security strategy 2016









On 1st November 2016, the Chancellor of the Exchequer launched the latest UK Cyber Security Strategy. In a year that has seen rising international tensions around hacking, Philip Hammond commented that hostile “foreign actors” were developing techniques that threaten the country’s electrical grid and airports.

The £1.9bn new strategy will also help enlarge specialist police units that tackle organised online gangs – and contribute towards the education and training of cyber security experts. The programme is funded until the end of 2020. Continue reading “The UK Cyber Security Strategy 2016-2021 – A New Sheriff in Town?” »

Cyber security in perspective – a look back at 2016

Year 2016









As we reflect on 2016, there are two stand out events that dwarf every other piece of news this year – the decision of the UK to leave the EU and the election of one Donald J Trump.  Both put cyber security in the spotlight in 2016 for different reasons – from the confusing to the bizarre.

But it wasn’t just the changing political landscape that caught our eye. Many organisations were affected by ransomware attacks and one high profile business discovered just how costly the on-going fall-out from their data breach would turn out to be.

So, let’s look back at 2016 through the cyber security lens of Ascentor. Continue reading “Cyber security in perspective – a look back at 2016” »

How to deliver digital transformation – without the security risk


Digital transformation is a major programme for many organisations. The motivation for it varies, but there are some common aspects, namely adopting new technologies to maintain an efficient and effective workforce and engaging with customers to improve the bottom line.

Likewise in the public sector, digital transformation programmes create opportunities for efficiency savings and economies of scale, with new and imaginative ways to deliver services to citizens. But the stakes are high. Get the security wrong and the programme could be the cause of a very public, and very expensive, loss of confidence. Continue reading “How to deliver digital transformation – without the security risk” »

Supply Chain Cyber Security – defeating the weakest link (Part 2)

Cyber chain 2









In the first part of this blog we created a scenario of just how easy it is to cause a cyber security breach. ‘Brian’ was a contractor with access to the server room. In moments he’d been able to gain access and steal his client’s intellectual property – all without trace. There was a weak link in their supply chain cyber security which he’d found no trouble to exploit.

In Part 2 we introduce a 4 step supply chain cyber security process – and provide links to guidance on supply chain risks and methodologies for assessing an organisation’s security. We also discuss how far down the supply chain you need to manage. Continue reading “Supply Chain Cyber Security – defeating the weakest link (Part 2)” »

The Future of Information Assurance Accreditation

Checkbox on digital screen









Ascentor’s Paddy Keating attended the SUAC – Accreditors’ Professional Update and Development Event 2016 on 2-3 November 2016. One of the main topics regarded the future of accreditation within government centred on a recent consultation paper entitled Assuring Information Services for Government prepared by the Accreditation Specialism Advisor Group (ASAG).

The paper identified some drivers for change including efficiency, quality and speed but it also identified the underlying problem of accreditation and accreditors themselves having bad press. Here are Paddy’s reflections on the day. Continue reading “The Future of Information Assurance Accreditation” »

Latest News

Recent Comments

    • Barry Harvey: It is perhaps surprising to hear that a generation we think of as being tech savvy is anything but....
    • David Conway: I can imagine that, even at this stage, many businesses will still be blissfully unaware of this...
    • Sonja Jefferson: Are you going to be offering that training for ‘normal, non-techie people that now have...
    • Dave James: @Colin Robbins: Yes, Its really illumintaing isnt’t it. Provides a bit of context to the recent...
    • Colin Robbins: Very interesting report. I find it staggering that 26% of companies had not briefed their boards on...
    Buy Cialis in UK