article thumbnail

ISO 27001: Gap analysis vs. risk assessment

IT Governance

What is a gap analysis? An ISO 27001 gap analysis gives organisations an overview of what they need to do to meet the Standard’s requirements. This could be a simple tick-box exercise, with the unchecked requirements forming the gaps that might need to be addressed (not all clauses need to be implemented).

Risk 77
article thumbnail

UK Government sets out proposals to shake up UK data protection laws

Data Protection Report

On 10 September 2021, the UK Government published its consultation paper on proposals to reform the UK’s data protection regime. It has seized it with gusto, announcing more than 70 proposals and calls for views and publishing its economic analysis of expected impact. The deadline for responding to the consultation is 19 November 2021.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

U.S. Government White Paper to Help Companies Address the EU’s National Security Concerns in Schrems II

Data Matters

government released a “White Paper” addressing how U.S. law and practice relating to government access to data for national security purposes,” especially as that information bears on “issues that appear to have concerned the ECJ in Schrems II ” and as it “may bear on many companies’ analyses” of how their reliance on SCCs conforms to EU law.

Paper 128
article thumbnail

UK GDPR Reform: government publishes response to consultation – likely to form basis of forthcoming UK Data Reform Bill

Data Protection Report

UK GDPR Reform: government publishes response to consultation – likely to form basis of forthcoming UK Data Reform Bill. The Department for Culture, Media and Sport (DCMS) has finally published the UK government’s long-awaited response to the consultation on the future of the UK data protection regime. Reform of Article 22.

GDPR 144
article thumbnail

Data governance for data privacy

Collibra

Organizations are receiving floods of new data to leverage for analysis and insights. They need data governance. . They need data governance. What does data governance do? Governance delivers the context, relationships, lineage, and access data citizens need to make decisions around data. No organization is immune.

article thumbnail

US govt agencies share details of the China-linked espionage malware Taidoor

Security Affairs

China-linked hackers carried out cyber espionage campaigns targeting governments, corporations, and think tanks with TAIDOOR malware. “CISA encourages users and administrators to review Malware Analysis Report MAR-10292089-1.v1 “CISA encourages users and administrators to review Malware Analysis Report MAR-10292089-1.v1

article thumbnail

China-linked Alloy Taurus APT uses a Linux variant of PingPull malware

Security Affairs

In recent years, the researchers observed the group expanding its operations to include financial institutions and government entities. ” reads the analysis published by Unit 42. Analysis of the C2 for a second Sword2033 sample revealed that the domain *.saspecialforces.co[.]za org over port 8443 for C2.