ISMS.online

Happy High Five Friday! 🙌 This reviewer praised the ISMS.online platform for helping them streamline their workload, saving them time and resources: “The platform allows us to manage and link multiple clusters and workflows, meaning we have streamlined numerous areas that save time and reduce administrative burden (and importantly replace traditional excel type files/process).” Ready to achieve compliance without the hassle? Take a self-guided platform tour 👇 https://lnkd.in/e6QJsx99 #CustomerSuccess #G2Reviews #ISMSOnline #InformationSecurity #ComplianceWithConfidence

Email scammers are evolving their business email compromise (BEC) tactics in ever-more brazen attempts to access organisations’ systems and, critically, their funds. In his latest blog, Danny Bradbury discusses attackers’ latest tactics and how businesses can protect themselves. He covers: 📌 A recent attack where threat actors used Microsoft’s cloud resources to make a BEC attempt more convincing 📌 What organisations can do to mitigate BEC attacks and the importance of employee training 📌 How ISO 27001 can help businesses mitigate risk and improve their security. Learn more about the evolution of business email compromise attacks 👇 https://lnkd.in/e7cFNJUZ #BusinessEmailCompromise #Cybercrime #Cybersecurity #ISO27001 #RiskManagement

As the first provisions of the EU AI Act come into force, what are the implications for UK businesses seeking to compete in the European market? Our CPO, Sam Peters, shared his thoughts in an article for AI News. He discusses: ✅ How future UK AI legislation is likely to mirror aspects of the EU framework, making proactive preparation for compliance essential ✅ The role of ISO 42001, the AI management standard, in ensuring compliance ✅ Key steps UK businesses can take to adapt and prepare. Learn more about the future of AI regulation and how UK businesses can use compliance as a catalyst for growth 👇 https://lnkd.in/gaiBrK8T #AI #EUAIAct #AIRegulation #ISO42001 #RiskManagement #InformationSecurity

This month, the Cyber Essentials and Cyber Essentials Plus certification processes will undergo strategic updates to reflect evolving cyber threats and the complex environments businesses are currently navigating. In the blog, Rebecca Harper shares insight into the updates and the next steps for organisations. She covers: 📌 The changes included in the 2025 Cyber Essentials and Cyber Essentials Plus updates 📌 Actions organisations should take to align with these changes 📌 How ISO 27001, the information security standard, can help organisations implement core information security practices. Read more about the new Cyber Essentials updates 👇 https://lnkd.in/evq34ZSe #CyberEssentials #CyberEssentialsUpdate #InformationSecurity #RiskManagement #VulnerabilityManagement

🔒 Did you know WannaCry is estimated to have caused $4 billion in damages globally? That figure isn't just a relic of 2017; it's a reminder of what's at stake when ransomware hits. In Episode 9 of Phishing for Trouble, hosts Rebecca and Dave reflect on this infamous ransomware attack and dig into the lessons learned with expert guests Ash Patel (CISSP, CISM, CISA) and Chloé Messdaghi. From missteps to must-dos, this episode is packed with real-world advice on how to stay ahead of ransomware threats. 🎧 Listen here: https://lnkd.in/eFJgPFFq #PhishingForTrouble #WannaCry #Ransomware #CyberSecurity #IncidentResponse

Zero-day threats have become increasingly prevalent and dangerous, as the recent warning from the Five Eyes cyber agencies, including the UK’s National Cyber Security Centre, underscores. In an article for Pro Secure News, our CPO, Sam Peters, shares why organisations need a proactive approach to cybersecurity to truly outpace attackers. He covers: ✅ How businesses can go beyond patching and adopt a more structured approach to managing vulnerabilities ✅ How the ISO 27001 framework provides a way to integrate these processes into everyday operations ✅ How implementing a solid security framework involves adopting a holistic approach that includes vulnerability scanning, prioritisation and continuous monitoring. Discover best practice advice for taking a proactive approach to security 👇 https://lnkd.in/eKzNjuwr #ZeroDayAttacks #PatchManagement #SoftwareVulnerabilities #ISO27001 #InformationSecurity

There are just six months to go until the ISO 27001:2022 transition deadline. By October 31st 2025, organisations must have transitioned their information security management system (ISMS) to align with the updated standard, and certifications to the 2013 standard will expire. With time running out to ensure a successful transition, now is the time to dive into our Everything You Need to Know About the ISO 27001:2022 Standard Update guide. In the guide, Rebecca Harper shares: ✔️ The core differences between ISO 27001:2013 and the updated ISO 27001:2022 ✔️ Information on each individual Annex A control and its comparative control in the 2013 standard ✔️ The five new attributes introduced in the latest version of the standard and their impact ✔️ A ‘Summary of Changes’ worksheet with a roadmap to achieving ISO 27001:2022. Get vital insight into the updated ISO 27001 standard and a roadmap to guide your 2013 to 2022 transition 👇 https://lnkd.in/ewftvpVb #ISO270012022 #ISO27001 #InformationSecurity #Compliance #ISO27001Update

Ensure that the way you implement artificial intelligence (AI) systems within your business is ethical, sustainable, and aligned with global regulations. Our in-depth guide provides a deep dive into the world’s first standard for AI management, ISO 42001, which is designed to help organisations implement an effective AI management system (AIMS). Get the guide to learn: ✅ The fundamental principles of ISO 42001 ✅ Benefits of implementing an ISO 42001-compliant AIMS ✅ How to master the core controls of ISO 42001 and achieve compliance. With the EU AI Act taking effect, now is the perfect time to start thinking about your AI compliance and management. Discover the building blocks for successful AI management in our free guide 👇 https://lnkd.in/efA-dn-Y #ISO42001 #AI #ArtificialIntelligence #AIMS #EthicalAI #ArtificialIntelligenceManagementSystem

The first provisions of the EU AI Act came into force in February, but questions remain about what the legislation requires and which corporate practices or data uses may risk flouting the rules. Our CPO, Sam Peters, spoke to Compliance Week about the challenges of complying with the Act’s provisions. He discusses: 📌 Why regulators should bear some responsibility for clarifying “ambiguous” definitions in the legislation and guidance 📌 Key steps to help organisations implement structured AI governance 📌 How businesses that proactively approach AI governance as a long-term strategy will foster greater trust in their AI-driven innovations. Read more in the article 👇 https://lnkd.in/edRN48aJ #AIGovernance #EUAIAct #InformationSecurity #Cybersecurity #RegulatoryCompliance

🚀 New API Updates: Smarter Risk & Compliance Management We’ve made it even easier to manage your compliance workflows with three powerful API enhancements: 📌 Linked Work Endpoints – Gain complete visibility into related risks and track items. Easily add or remove linked work for better context and streamlined decision-making. 📄 Document Endpoints – Retrieve, add, and manage documents linked to risks and track items effortlessly, ensuring audit trails are always complete. ⏳ Resolution Time Tracking – Get precise resolution time for track items via API, making incident reporting and performance analysis a breeze. 💡 More control. More efficiency. More insights. Ready to integrate? 🔗 https://lnkd.in/eA-dzxp #APIs #RiskManagement #ComplianceIntegrations #ComplianceMadeEasier