Leave No Trace: Why digital footprints matter
If you spend any time in the countryside, you’ll likely be familiar with the principle of “leave no trace”. At its heart, this sets out the framework for ensuring that your presence does not cause a problem for others, and if you’re stealth camping it ensures you’re able to go undetected. In the digital landscape,…
Beyond Compliance: How Training Drives Business Success
It’s a shame that a training policy and personal development plan aren’t standard practices across all businesses. For various reasons, many organisations do not put it at the top of the agenda. However, here’s why they should. The Cost to Businesses: Training doesn’t always have to mean expensive courses in external venues. Employees can acquire…
CAF and DSPT
DSPT submission: I know we are only in January, but before you know it we will be seeing newborn lambs in fields, daffodils sprouting and leaves reappearing on trees. Oh, and then there’s the Data Security Protection Toolkit (DSPT) submission. To maintain compliance, organisations are required to submit before 30th June each year. Changes…
Security as a Business Enabler: The Case for a Virtual CISO
How growing organisations can access executive security expertise without the executive price tag. Introduction: In today’s increasingly digital economy, robust security practices and leadership are a genuine business enabler. Strong security governance doesn’t just reduce the risk of incidents, it opens doors to new business opportunities, builds customer trust, and drives competitive advantage. Take a…
Data Retention: Why It Matters and How to Stay Compliant
A few years ago, I had a lightbulb moment during a review of our Data Retention Policy. Our legal advisor at the time made a striking comment: “Data is toxic.” His point was simple yet profound—keeping data longer than necessary or holding onto more than you need only increases your exposure to risk. This insight…
ISO27001 transition
If you’re still certified to ISO 27001:2013, you have until 31st October 2025 to transition to ISO 27001:2022. After this deadline, organisations that haven’t switched to the new version will have their certification withdrawn. What are the key changes? While the core clauses in the 2022 standard remain the same, additional subclauses and clarifying notes have…