What is Phishing?

00Cyber Security October, 19

It’s thought that cyber-attacks on UK businesses rose by a staggering 243% this summer, which vividly illustrates the digital threat we all face during our daily working lives.

Phishing is one of the most common methods of cyber-attack, so let’s take look into what exactly it is, and how you can avoid becoming a victim.

More info


What Questions Should be in Your Supply Chain Questionnaire?

00Supply Chain September, 19

Your business doesn’t operate in a vacuum, and it can’t work without its supply chain. It therefore stands to reason that your supply chain should be set up as you would your internal operations.

There’s one sure-fire way to ensure this is the case, and that’s by carefully quizzing suppliers before they come on board.

Supply chain questionnaires are very common. They’re also, sometimes, unfathomable and incredibly time consuming. The longest we’ve seen contained 750 questions!

This guide is for any business that needs to construct a questionnaire or has one sitting unanswered on their desk.

More info

Cyber Security

GDPR Just got Updated – Please Introduce Yourself to Some new BS and ISOs!

00GDPR Discovery ReviewTags: , , , , September, 19

So, just when you thought the GDPR was all done and dusted, you hear that interminable phrase, “there’s a new ISO standard we need to conform with”.

Your heart sinks.

Your blood pressure rises.

Surely, all that hard work you put into complying with the GDPR was enough for now?

No, but there’s nothing to worry about, because this is your no-nonsense, jargon-free(ish) guide to ISO27701.

More info


12 Reasons Why an IT Provider Doesn’t ‘do’ your GDPR for you

00GDPR Critical Friend, GDPR Discovery Review August, 19

Representing the biggest change to data protection laws since 1998, the General Data Protection Regulation (GDPR) forced businesses big and small to evaluate how they were collecting, storing and processing personal data.

Depending on your systems and processes, complying with the GDPR isn’t quite as burdensome as some would have you believe, but it has led to some rather worrying assumptions.

The most common we hear at conferences and when speaking to customers goes along the lines of, “oh, the GDPR? Yeah – our IT provider takes care of all that”.

If that’s a phrase you’ve uttered yourself, here are twelve reasons why your IT provider isn’t taking care of your GDPR compliance.
More info


Useful resources on Data Privacy and Data Protection

00Cyber Security, Enterprise Risk Management, Uncategorized July, 19

Here at Risk Evolves, we regularly deliver briefings and updates on all things related to data privacy and data protection, and we often signpost to other services. Over the years, we’ve amassed a long list of trusted sources of up to date information, tools and training materials, the vast majority of which is free !  So, if you can’t get along to one of the events where we’re speaking, then have a look at the list below or give us as call and we’ll see what we can do to help you.

Remember, data privacy and protection doesn’t need to be expensive !

More info


Wow this is scary stuff!!

00Cyber Essentials, Cyber Security April, 19

In my world as a Risk Consultant I spend a lot of time reviewing and trying understand the risks that face UK organisations with a view to helping businesses of any size keep their business, assets and money safe.

As part of this I attend lots of seminars, conferences and events where the Police or Government bodies such as the ICO, the National Cyber Security Centre or the National Crime Agency share their wisdom and actual details of the impact of cyber-crime or data losses…….Exciting stuff but someone has to do it!!

More info

North Wales Business Gains Accreditation to Protect Sensitive Client Data

00Cyber Security January, 19

An investment and financial planning company based in North Wales has been awarded a UK certification for protecting sensitive client data.

RPG Wealth based in St Asaph now has an IASME certification – the scheme for delivering best practice for information security. It includes the Government and National Cyber Security Centre’s own scheme Cyber Essentials and brings the business in line with the new General Data Protection Regulations (GDPR).

More info