Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing Infosecurity Magazine, you agree to our use of cookies.
It’s imperative that organisations conduct risk assessments when preparing, maintaining and updating their cyber security policies and programs. Thorough risk assessments help you identify and address any threats that your organisation may face, allowing you to mitigate them before it’s too late. Organisations that are not ready or not looking to implement ISO 27001 should also read this paper to understand what data protection and cyber security risks they might be taking.
The EU’s General Data Protection Regulation (GDPR) will supersede EU member state implementations of the 1995 Data Protection Directive (DPD). The UK Data Protection Act 1998 (DPA) will be superseded by a new DPA that enacts the GDPR’s requirements. UK organisations that process personal data only have a short time to make sure that they are compliant. The Regulation extends the data rights of individuals, and requires organisations to develop clear policies and procedures to protect personal data, and adopt appropriate technical and organisational measures.
