DISC InfoSec blog

August 2022 has been a lesson in being careful with whom you provide sensitive information. In a month that saw the former US president accused of misappropriating classified government documents, there were also a spate of malicious insiders compromising their employer’s systems. Meanwhile, the bastion of password security, LastPass, announced that its systems had been […]

  5 Common Accidental Sources of Data Leaks – Nightfall AI How do bad actors gain access to a company’s data? Most of the time, well-meaning everyday people are the real source of data insecurity. In cybersecurity and infosec, it’s common to assume that criminals are behind all data breaches and major security events. Bad […]

Data Security Thought Collection #1 was big? Collection #2-5 just dwarfed it Source: The biggest ever data dump just hit a colossal 2.2 billion accounts

As part of an EU General Data Protection Regulation (GDPR) compliance project, organisations will need to map their data and information flows in order to assess their privacy risks. This is also an essential first step for completing a data protection impact assessment (DPIA), which is mandatory for certain types of processing. The key elements of […]

RESILIA™ Cyber Resilience Best Practices AXELOS’s new guide RESILIA™ Cyber Resilience Best Practices provides a methodology for detecting and recovering from cyber security incidents using the ITIL lifecycle RESILIA™ Cyber Resilience Best Practices Best guide on Cyber Resilience on the web – Cyber Resilience Best Practices is part of the AXELOS RESILIA™ portfolio. RESILIA™ Cyber Resilience […]

ISO 27001 Do It Yourself Package This is the do-it-yourself solution for ISO27001 implementation Cyber crime is increasing exponentially, and this trend will continue as more business activities move online and more consumers connect to the Internet. ISO/IEC 27001 is the only international information security management Standard that can help your organization protect its critical […]

Image by Agathe B via Flickr Prepare now to prevent a ‘security breach’: 45 states and the District of Columbia have laws spelling out procedures when personal information has been … article from: New Hampshire Business Review By David Scott It’s rather interesting to monitor what’s happening in the UK right now. Data protection legislation […]

Image via Wikipedia Here we have another unnecessary major security breach in a large healthcare organization which resulted in a loss of patient data demonstrating poor baseline security. They clearly are not ready for the new HIPAA provision ARRA and HITECH. Review my threats page and evaluate your current business and system risks to make […]

Another stolen laptop puts thousands of people’s personal data at risk but this time it’s the caregivers — not the patients — who are at risk. November 6, 2009 By Larry Barrett: More than 10,000 physicians’ and dentists’ personal data was exposed last week in New Hampshire after an employee at Anthem Blue Cross and […]