Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

January 2024

What is SOC 2 Compliance?

SOC 2 is an information security standard created by the American Institute of Chartered Public Accountants (AICPA) as a way to provide assurance of an organisation’s management of data. SOC 2 compliance provides a framework to assess against five Trust Service Criteria (TSCs) – but more on those later. There are two types of SOC 2 compliance: Type I and Type II.

Cyber Essentials or Cyber Essentials Plus? Which do you need? | Product Explainer

Cyber Essentials is worth getting. You probably know this already, but what about Cyber Essentials Plus? Which one do you need, which one should you get, which one's better? If these are questions you have, then boy do we have the video for you.

Network boundaries & Cyber Essentials

It’s not surprising that adoption of Cyber Essentials certification is growing steadily year on year. It’s a valuable certification to have, not least of all for the many commercial opportunities it presents. But as a Cyber Essentials Assessor, one thing I see repeatedly is that poor network boundary implementation makes reaching certification harder than it has to be – especially for smaller organisations. That’s what I’m going to be looking at in this blog.

Why you need a consultant to pass ISO 27001

Implementing ISO 27001, the international standard for information security management, is a complex process that requires expertise, experience and careful planning. This blog explores why using a consultant for ISO 27001 implementation is crucial not just to ensure certification but also (and perhaps more importantly) to build an information security management system that is tailored to your business and its objectives, so that your certification is actually working for you.