E-learning: the effective way to train your team

IT Governance

It is widely acknowledged that the retail and hospitality industries experience high staff turnover: frontline roles are often filled by temporary, young or part-time staff, the hours can be long and unsociable and the work can be physically demanding. Despite the operational challenge of staff turnover, there is still a need to ensure that teams are trained to perform not only their core duties but also to do so safely. They can also start and stop the training at will.

DPIAs for retail and hospitality 

IT Governance

It’s relevant for everyone, including retail and hospitality. Retail and hospitality organisations will likely need to conduct several to cover all their processes, both new and existing. Common activities for retail and hospitality requiring DPIAs. To give an idea of what activities may require a DPIA in real terms for the retail and hospitality sectors, here is a non-exhaustive list: CCTV.


Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Sports retail giant Decathlon leaks 123 million customer and employee records

IT Governance

Decathlon, the world’s largest sporting goods retailer, has suffered a massive data breach, affecting 123 million customer and employee records. It contained information from the retailer’s Spanish businesses and potentially its UK stores.

Top 10 Data Governance Trends for 2020: Data’s Real Value Comes Into Focus


Understanding the data governance trends for the year ahead will give business leaders and data professionals a competitive edge … Happy New Year! Regulatory compliance and data breaches have driven the data governance narrative during the past few years.

How data breaches are affecting the retail industry

IT Governance

Only time will tell – and we may not have to wait long – but in the meantime, what is the impact of data breaches in the retail industry, and what needs to be done to mitigate them? World-famous retailer Fortnum & Mason suffered a data breach , affecting 23,000 of its customers, through a Typeform service used to collect votes for one of the categories in its food and drink awards. Despite the prospect of fines and other penalties, many retailers are still not PCI-compliant.

Finance sector must simplify staff awareness training

IT Governance

In a report published last month , the FCA urged organisations to tackle staff awareness training at all levels, and to ensure the lessons are simple and appropriate to the environment that employees work in. The findings are the result of a discussion between 175 organisation, aiming to address security concerns in the fund and investment management, insurance, retail banking, and retail investment and lending sectors. Staff awareness training is a crucial part of this.

Top 10 Governance, Risk and Compliance (GRC) Vendors

eSecurity Planet

Governance, risk, and compliance (GRC) software helps businesses manage all of the necessary documentation and processes for ensuring maximum productivity and preparedness. Third-party governance. IT governance and security. Privacy governance and management.

Heathrow Airport fined £120,000 for data breach

IT Governance

The data affected: The ICO penalty notice said: [T]he stick held a training video containing names, dates of birth, vehicle registrations, nationality, passport numbers and expiry, roles and mobile numbers of 10 individuals involved in a particular greeting party, and also details of between 12 and 50 (exact number unconfirmed) Heathrow aviation security personnel, including names, job titles and identification of two individuals who were trade union members or chairs.

Radisson Rewards programme breached

IT Governance

Staff awareness training is essential, along with compliance with regulatory frameworks such as the GDPR and the PCI DSS (Payment Card Industry Data Security Standard). It Governance’s free webinars cover the GDPR, the PCI DSS, staff awareness and more, helping organisations understand how to become cyber resilient. The post Radisson Rewards programme breached appeared first on IT Governance Blog.

#ModernDataMasters: Nicola Askham, The Data Governance Coach


Nicola Askham is the leading data governance training provider in the UK with over 16 years of experience and research in the field. She delivers training and consulting to major organisations to help them implement full data governance frameworks. Nicola’s powerful methodology breaks down the data governance initiative into logical steps to implement a framework that suits each unique client. ” However, I got into data governance totally by accident.

Safely adopting technology in the hospitality industry

IT Governance

We offer extensive training and consultancy services,available in a variety of formats – classroom, Live Online, distance learning and in-house – to suit different organisations. The post Safely adopting technology in the hospitality industry appeared first on IT Governance Blog. Cyber Resilience Cyber Security Data Protection PCI DSS Retail Staff Awareness Training hospitality hotelsThe hospitality sector has embraced consumer-facing technology.

Data Governance and Business Transformation


Collibra organized a Data Governance and Business Transformation seminar in Paris recently, bringing together data managers from the financial, retail, transportation, and logistics industries. During the seminar, Collibra and Data Citizens presented some findings and current developments regarding digital transformation: Henry Peyret, Principal Analyst for Forrester, proposed an analysis of the role of data governance in the digital transformation of companies.

The Ocado fire – when disaster recovery becomes real

IT Governance

Although share prices showed signs of recovery within a couple of days, more than £1 billion was wiped off the stock market value of the firm, as investors worried that retailers may be less keen to buy into the automated warehouse technology having seen that there is a potential vulnerability.*. The post The Ocado fire – when disaster recovery becomes real appeared first on IT Governance Blog.

Risk 45

Customers lose confidence – data breaches aren’t just about fines

IT Governance

Train your staff. Training can be classroom-based, but there are other options such as e-learning, in-house training courses, and – of course – books for independent learning. The post Customers lose confidence – data breaches aren’t just about fines appeared first on IT Governance Blog. A recent survey by Ping Identity shows that customers move away from brands that have suffered data breaches.

FIFA caught hook, line and sinker in phishing attack

IT Governance

Football world-governing body FIFA has admitted that its systems suffered a sustained phishing hack earlier this year. One of the most basic ones is training every employee to look for certain clues, such as mismatched URLs or misleading domain names. The post FIFA caught hook, line and sinker in phishing attack appeared first on IT Governance Blog. Cyber Security Retail Staff Awareness data breach football phishing phishing attack Sport

Sailing the cyber security waves

IT Governance

This could include: Staff training ; Limiting user privileges; Keeping systems up to date; Implementing encryption methodologies; and. The post Sailing the cyber security waves appeared first on IT Governance Blog. Cyber Security Data Protection ISO 27001 Retail Staff Awareness Cruise operators Freight Maritime industry Shipping Travel travel and tourismShips have experienced a digital transformation in recent years.

Data Stewards, Say Goodbye to Painful, Rules-based Matching.


Today’s third-generational data management platforms with a machine learning component, help you derive the matching rules automatically from the data and also offers you the capability for active learning/training of the machine. Reltio Cloud’s ML component allows you to verify and accept the match criteria which in turn progressively trains the machine toward finer levels of match. Take control of your Enterprise Data Security, Governance and Compliance.

MDM 40

#ModernDataMasters: Lewis Ownes, CEO Agile Solutions


In the early days I worked in data transformation for data into banks through digital printing – amazing that I trained to do all these elaborate hand-crafted books and ended up doing cheque books! If you ask people about data management and all they talk about is governance then you know they are only being driven by regulation or a concern. The only way that innovation and governance will be aligned properly is if you strategise in that order – business, data, technical.

#ModernDataMasters: Steve Whiting, Chief Operations Officer


I was trained in Oracle relational databases and GUI tools to deliver group-wide Banking Systems. Ethical data management means you need data governance and data security by design – these initiatives are hard to retrofit. In the past organisations often mobilized for large MDM programmes and had to retrospectively drive the governance throughout – now we are seeing that data governance is often leading – it has become a non-negotiable.”. Kate Tickner, Reltio.

MDM 40

Top GRC Tools & Software for 2021

eSecurity Planet

Governance, risk, and compliance (GRC) software helps businesses manage all of the necessary documentation and processes for ensuring maximum productivity and preparedness. Third-party governance. IT governance and security. Privacy governance and management.

Bristol Airport systems offline in suspected ransomware attack

IT Governance

Protect yourself with IT Governance. With malicious links and attachments accounting for 59% of ransomware infections, organisations of all sizes and types must ensure staff are trained to be vigilant and secure. Cyber Security Retail e-learning phishing RansomwareAnother day, another cyber attack. This time it’s Bristol Airport.

GUEST ESSAY: 3 key ingredients to stress-free compliance with data handling regulations

The Last Watchdog

The variety of laws and regulations governing how organizations manage and share sensitive information can look like a bowl of alphabet soup: HIPAA, GDPR, SOX, PCI and GLBA. A multinational conglomerate, government contractor, or public university must comply with ten or more, which makes demonstrating regulatory compliance seem like a daunting, even impossible, undertaking. You are responsible for governing the data your employees access, regardless of how they access it.

ROUNDTABLE: Targeting the supply-chain: SolarWinds, then Mimecast and now UScellular

The Last Watchdog

26 posting confirming that the compromise was at the hands of the same nation-state threat group behind the SolarWinds hack and subsequent attacks on various technology companies and federal government agencies. The intruders got in by tricking UScellular retail store employees into downloading malicious software on store computers. Attacks like this are unfortunately frequent and even well-intentioned, well-trained, users can fall victim to a clever attack.

Data breaches and cyber attacks quarterly review: Q2 2021

IT Governance

IT Governance discovered 377 security incidents between April and June 2021, which accounted for 1,224,539,395 breached records. If you find yourself facing a cyber security disaster, IT Governance is here to help.

Top 12 Cloud Security Best Practices for 2021

eSecurity Planet

Train your staff. To prevent hackers from getting their hands on access credentials for cloud computing tools, organizations should train all workers on how to spot cybersecurity threats and how to respond to them. Read more: Best Cybersecurity Awareness Training for Employees in 2021.

Cloud 69

MY TAKE: Michigan’s cybersecurity readiness initiatives provide roadmap others should follow

The Last Watchdog

My reporting trip included meetings with Michigan-based cybersecurity vendors pursuing leading-edge innovations, as well as a tour of a number of thriving public-private cybersecurity incubator and training programs. He pulled together the Michigan Cyber Range , an unclassified, private cloud network initially set up to teach, test and train IT staff to defend their organizations’ networks.

Business Continuity Plans Must Evolve for the Post-COVID World


The pandemic has revealed a painful downside to just-in-time inventory management as some retailers and manufacturers were caught flat-footed when their suppliers were shut down by illness or government mandate. Have a crash course security training program in place.

Cloud 99

Redcar and Cleveland Borough Council still offline after suffering cyber attack

IT Governance

Unlike an attack on retailers, for example, victims have no alternative when systems are down. Over that six-month period, local government experienced 263 million attacks. Implement a comprehensive defence strategy with the help of IT Governance.

Port Covington, MD re-emerges as ‘CyberTown, USA’ — ground zero for cybersecurity research

The Last Watchdog

DataTribe , a Fulton, MD-based cybersecurity startup incubator, has been a key backer of this ambitious urban redevelopment project , which broke ground last October in Port Covington, MD, once a bustling train stop on the south side of Baltimore. It’s mission has been to seek out and assist government cyber specialists in a position to enter the private sector and build commercial cyber and data science companies.

Catching up, again


Shareholders push back on bonus compensation plan, demonstrating an unusual level of control ( i.e. , Governance) over their investment. Does your information governance program cover the content of the training provided to your customers? “Boeing Omitted Safety-System Details, Minimized Training for Crashed Lion Air 737 Model,” The Wall Street Journal , December 6, 2018.

Why 83 Percent of Large Companies Are Vulnerable to This Basic Domain Hack

Adam Levin

What would happen if you typed in “Amazon,” the corresponding domain popped up, and you clicked, but instead of finding the world’s largest online retailer, you landed on a 1980s WarGames-themed page with a laughing skull?

MY TAKE: SMBs can do much more to repel ransomware, dilute disinformation campaigns

The Last Watchdog

Local government agencies remain acutely exposed to being hacked. However, at this moment in history, two particularly worrisome types of cyber attacks are cycling up and hitting local government entities hard: ransomware sieges and election tampering. Weller observed that local governments are under pressure to more proactively detect and deter threat actors, which means they must figure out how to redirect a bigger chunk of limited resources toward mitigating cyber threats.

Your journey starts here ? achieving success with CILIP


Qualifications, training, advice from colleagues, social media, blogs, networks, specialist organisations, email lists, meet-ups ? Training, CPD and skill. s leading provider of quality-assured training, CPD and skills development for information professionals.

Key Developments in IoT Security

Thales Cloud Protection & Licensing

Is there IoT security awareness training for employees who use the technology? Yes, and Ellen uses the example of a retail grocery store to effectively demonstrate the point. The rise of IoT has not gone unnoticed in government circles. Key Developments in IoT Security. madhav.

IoT 72

Top 3 Black Friday 2019 scams to avoid

IT Governance

Besides the traumatic experience for some retail employees and those injured in shop-floor brawls, Black Friday is also a time in which many of us are caught out by scams, with cyber criminals taking advantage of customers desperate for a bargain.

SHARED INTEL: How digital certificates could supply secure identities for enterprise blockchains

The Last Watchdog

Early adopters are trial-running Hyperledger blockchains in trade financing, in education and training programs and in supply chains for certain vertical industries. Blockchain ledgers are gaining traction in vertical industries like real estate, Big Pharma and food production and retailing, Wal-Mart being a pioneer of the latter. Blockchain gave rise to Bitcoin. But blockchain is much more than just the mechanism behind the cryptocurrency speculation mania.

Catches of the month: Phishing scams for April 2021

IT Governance

Additionally, you should be wary of unsolicited emails, texts or adverts – particularly if they offer suspiciously good deals – and check whether the vendor is a member of STAR (Society of Ticket Agents and Retailers).

MY TAKE: Why Satya Nadella is wise to align with privacy advocates on regulating facial recognition

The Last Watchdog

The surveillance regime the UK government has built seriously undermines our freedom,” Megan Golding, a lawyer speaking for privacy advocates, stated. And their grander vision is to help establish a nationwide biometric database in which a hybrid facial ID/fingerprint can be used for things such as fraud-proofing retail transactions, or, say, taking a self-driving vehicle for a spin.

SEC Office of Compliance Inspections and Examinations Publishes 2018 Exam Priorities

Data Matters

1 As has been widely reported, the Exam Priorities’ general focus areas include: retail investors. The majority of these Exam Priorities are not surprising because they reflect the Commission’s continued focus on retail investors, conflicts of interest, fee disclosure, cybersecurity, cryptocurrency and AML programs. A Continued Focus on Retail Investors – what does this mean? Indeed, retail funds have been a Commission focus for many years.

5 Best Practices for Successful Internal Documentation


These will vary by industry, but to give you an idea of the types of questions it’s helpful to ask, let’s say your organization is in retail. Without a central document to govern procedures, employees will eventually begin to make mistakes.