Category: Security Advisory Blog

Processor Contract – How Data Processors can inadvertently become Controllers…and why it matters!
27/01/2020 DPO Blog, Security Advisory Blog admin

For those of you who deal with the wonderful document that is a data processor contract, whether you’re on the Controller side or the Processor side, you will know there are quite a few hoops to jump through. This is because GDPR strengthened the requirements of a Controller-Processor relationship, outlined in Article 28. That said,

GDPR Subject Access – why verifying ID can be dangerous!
20/01/2020 DPO Blog, Security Advisory Blog admin

wrote a few weeks ago discussing how DSAR volumes may have gone up in your organisation and that it’s probably not simply down to the GDPR Subject Access hurdles being lowered for Data Subjects. Since GDPR came into force in May 2018, Data Subjects now don’t have to pay a fee (in most cases). The

Supply Chain Resilience – Who are your Backup Suppliers?
13/01/2020 CISO Blog, DPO Blog, Security Advisory Blog admin

Is your supply chain resilience programme reminiscent of the article image? Aged, poorly maintained, complex, hard-to-untangle. Do you carry out due diligence at the beginning of your engagements? More importantly, do you carry out ongoing governance and oversight? Even more importantly, does supply chain resilience form part of your wider operational resilience strategy or business

SWIFT independent assessment – have you booked yours?
07/01/2020 CISO Blog, Security Advisory Blog admin

The SWIFT independent assessment regime will kick in later this year. Have you booked in your assessment? If not, Fox Red Risk has some availability to carry out assessments. Remember the SWIFT payments attacks a few years back? As a reminder, in 2015 & 2016, a series of cyberattacks using the SWIFT banking network, which

API Security – Are You Secure from OWASP 2019 Top 10?
03/01/2020 CISO Blog, Security Advisory Blog admin

Firstly, Happy New Year. 2020 is going to be an exciting year for Fox Red Risk. We have lots of cool new offerings in the pipeline to support businesses large and small in the thankless task of keeping secure. If you have resource gaps and need support, then let us know. Right, back to the

Security Incident Avoidance – Hackers know we’re away for Christmas…
23/12/2019 CISO Blog, Security Advisory Blog admin

It’s that time of year where many of us will be ensuring our organisations can still deal with a security incident whilst most of the workforce are at home watching Christmas movies like Die Hard – yes, it’s definitely a Christmas Movie. Hackers know businesses are running on skeleton staff during the holiday period so

Strategy – Can a CISO learn from the 2019 General Election?
13/12/2019 CISO Blog, Security Advisory Blog admin

Security Strategy – What lessons can CISOs learn from the UK General Election 2019 when devising and delivering a security strategy? Here are three…

Security Awareness Training Dies. My 2020 Prediction
11/12/2019 CISO Blog, Security Advisory Blog admin

My prediction is that 2020 will be the year security awareness training dies…and not before time…

Cybersecurity Strategy – Organise to Operate
07/12/2019 CISO Blog, Security Advisory Blog admin

Cybersecurity strategy is being “organised to operate”, a principle that is fundamental to developing an effective cybersecurity programme. Here’s why…

DSAR – Help I can’t cope!!! Our Subject Access Request volumes have gone through the roof!!!!
29/11/2019 DPO Blog, Security Advisory Blog admin

I had an online interaction with a vendor who sells Data Subject Access Request (DSAR) automation software recently. During the ‘pitch’ they highlighted that organisations across London, UK have seen a staggering increase in DSARs since GDPR went live. An article in the Yorkshire Evening Post confirms this is not just a London-centric issue. “In
