Latest Posts

Sensitive Data and Examples | GDPR Personal Data

This is your go-to reference for examples of sensitive data, its definition and GDPR personal data, including how to identify, classify and protect sensitive data. In a fast-moving world, it is now easy to access information relating to an individual from the north pole to the south pole. Have you ever wondered how your personal information is protected or even handled?

What is PCI Compliance? Requirements, Maintenance and Fines

PCI is an information security standard for organisations that handle credit card transactions. It applies to any entity that processes, stores or transmits credit card information. This standard is mandated by major credit card companies – Visa, Mastercard, and American Express – and administered by the Payment Card Industry Security Standards Council (PCI SSC).

What is Access Control? Key data security component

Access control is unarguably one of the essential aspects of information security. It is the means by which your business, or any other organisation, can deny access to an object to subjects that have not been granted specific access rights. Access control gives an organisation a way to limit and control the permissions of end-users and other entities so that only approved and adequate access is granted.

Penetration Testing vs Vulnerability Scanning

The terms vulnerability scan and penetration test are often used interchangeably. Unfortunately, this improper use creates confusion, sometimes around security decisions too. This article shall help the reader with these terms: penetration testing vs vulnerability scanning, their project inputs, outputs, security health indicators and decision-making factors.

When and How to report GDPR personal data breaches (Article 33)

The Data Protection Act was introduced in 2018, and it controls and monitors the way that UK businesses and organizations use your personal data and information, such as credit, payment card, financial information, social security numbers, and any sensitive data. Under the act, it is up to everyone to ensure that they use data wisely and adhere to the data protection principles that are laid down in the act, which are.

What is an Open Port? Port Scanning, Risks and Monitoring.

Port scanning is a critical element of any cyber risk assessment conducted under the infrastructure security or network security domains. It helps to identify all the exposed services on a system or network. Open ports do not matter only from an attack perspective; they are equally vital from a defensive standpoint.

Top 7 API Security Risks (including prevention tips)

In this app-driven world, APIs are the infrastructure providing highways for smoother transport of sensitive data. Insecure APIs add to the top security risks faced by web applications and act as an easy invite for hackers. Just because APIs deal with data at the backend does not mean they are hidden from plain view and are safe. This article provides you with an API security checklist that can be used as a basic benchmark before release.

Brexit and Data Protection | UK GDPR Law

Recent legal developments around data privacy show how important the protection of individuals' personal information is for businesses. The UK left the EU on 31st January 2020. The current transition period ends on 31st December 2020, and DPA 2018 takes centre stage with all matters of data privacy. Let's dive into the beef first and then the related GDPR and DPA information, including the basics and GDPR vs DPA.

Top 6 Healthcare Cyber Security Threats and Best Practices (2021)

Security threats in healthcare relate to the safety of the clinical and administrative information systems of hospitals and healthcare service providers. In the last few years, cyber attacks on healthcare organisations have increased faster than healthcare cybersecurity practices have improved. In this article, we discuss the cyber security threats and vulnerabilities of hospitals and healthcare providers, followed by best security practices aimed at improving security posture.