Data Protection

How ISO 27001 Can Help Your Organisation Meet GDPR Requirements

December 6th, 2017|Data Protection, Uncategorized|

One of the challenges of GDPR (the General Data Protection Regulation that comes into force in May 2018) is that organisations are left to interpret how GDPR impacts on their business and how best to comply. Many of the articles in GDPR are sufficiently vague and currently there is no standard or framework that can [...]

GDPR: What’s All The Fuss About?

November 1st, 2017|Conference, Data Protection|

Burning Tree’s recent Breakfast Briefing “GDPR: What’s All The Fuss About?” was well attended by representatives from businesses keen to learn what they have to do to be compliant. Presentations from Burning Tree, Fimatix, Privacera, Beta Systems and Fujitsu showed delegates that compliance with General Data Protection Regulations (GDPR) by 25th May 2018 is relatively [...]

Get GDPR Ready – What You Need To Know

September 15th, 2017|Data Protection|

With less than 8 months to go, few CEOs and their CIOs can have failed to have heard of GDPR. However, we are still receiving calls from businesses that have yet to implement any measures to comply with the 25th May 2018 deadline. While GDPR is about protecting personal data – our employees, our customers, [...]

Threat Modelling

August 18th, 2017|Data Protection|

Understanding The Business Impact Of A Successful Attack The overwhelming number of potential threats to your organization from cyber criminals, hackers and insider actors, is a challenge for even the most experienced IT Security Professionals. Monitoring the threat landscape is becoming unmanageable, sapping budgets and using up resources on threats that may never materialize. However, [...]

GDPR – Are you thinking “What’s All The Fuss About?”

August 8th, 2017|Data Protection|

We are all increasingly concerned about how our personal data is used and what measures are in place to protect it from falling into the wrong hands. As seen extensively in the media the EU has new legislation coming into force on 25th May 2018 called the General Data Protection Regulation, commonly known as GDPR. [...]

How To Reduce Breach Detection Times

June 30th, 2017|Data Protection|

The Invisible Enemy? By Peter Boyle, CTO, Burning Tree Two weeks before WannaCry crippled the NHS, halted car production in Japan, and disrupted rail systems in Germany; IDT had been attacked with a degree of sophistication not seen before. Golan Ben-Oni, Global CIO for IDT – recently featured in a very thought-provoking article in the [...]

How to Automate Governance, Risk and Compliance (GRC) to Reduce Costs

December 13th, 2016|Data Protection|

IT Governance, Risk Management discipline, Information Security Policy and legal compliance requirements all place a burden on companies to ensure their governance, risk and compliance (GRC) policies protect customers, staff and stakeholders. Reducing risks whilst keeping costs low is becoming a key challenge for businesses, especially when the number of cyber-attacks keeps rising. Small businesses, [...]

Core Principles Of Building A Secure Network Architecture

November 22nd, 2016|Data Protection|

In many organisations IT projects are designed to address business objectives or as operational solutions without any thought about security. The security ‘solution’ is often bolted on at a late stage of development, or even after launch when security risks are identified. Sometimes security is overlooked entirely, until something goes wrong. This approach results in [...]

Lessons from Snowden: The Unmanaged SSH Key Time Bomb

October 12th, 2016|Data Protection|

Last month Snowden (the movie) was released in the US. While the film has received mixed reviews, the story behind the movie has played out very publicly over the last three years providing a salutary lesson for all charged with organisational security. Whether you approve of Edward Snowden’s actions by exposing the NSA’s surveillance operations [...]

Can Your IT Systems Heal Themselves? Automation and Cyber security

September 22nd, 2016|Data Protection|

The idea of self-healing networks is very attractive to any IT Director who wants to use valuable resources - IT staff and budget - on more strategic activities. Rather than using people to deal with business operational activities such as for detecting and fixing common network issues, let the computers do it for us. [...]

burningtree.co.uk