Previous Newsletters
January 08
June 07
November 06
August 06
March 06
"Sapphire's
input provides me with an additional source of impartial, practical, advice
and guidance..."
Steve Marshall,
Head of Security Architecture, Barclaycard
> more
Welcome to the Sapphire
newsletter!
John Morrison, Managing Director, Sapphire
A recent survey carried out by YouGov has highlighted that over three-quarters of UK organisations admit to not having sufficient plans in place to protect their businesses and employees in the event of pandemic flu.
Mr Russell Price, chairman of the continuity forum who overviewed the research, stated that businesses and public sector organisations are generally still over-looking the fundamental points. 30% of businesses have no strategy at all, while 14% have only rudimentary continuity plans in place that are in need of improvement.
UK information assurance advisor, Sapphire strongly urges organisations to take the risks associated with the outbreak of a pandemic flu seriously. “Organisations that do not invest the time and effort into composing a business continuity plan run the risk of suffering severe financial loss should a pandemic flu occur. Business continuity planning can be effective on its own or as part of a security management methodology. International security standards such as ISO 27001 help organisations protect their crucial assets against loss should an incident occur” said John Morrison, Managing Director, Sapphire.
The survey went on to state that 38% of organisations currently have no communication plans in place for employees and customers. These figures are startling, should organisations lose the ability to communicate, they lose the ability to function and trade.
“There is an array of solutions on the market that enable organisations to work remotely,” comments John. “Yet the threat of pandemic flu is taken so lightly, that organisations fail to take advantage of the resources available to them.”
Sapphire is currently working with Microsoft to encourage all of its customers to consider the benefits of implementing remote working solutions. The Microsoft Intelligent Application Gateway (IAG) is a remote access solution based on a SSL VPN connectivity platform. It allows the user to connect from anywhere, using only an internet browser.
Nottingham University Business School has calculated that pandemic flu could cost British businesses £95 Billion. Minimise your loss and take action now. Contact Sapphire on info@sapphire.net and request further information on business continuity planning, secure mobility and remote working.
HM Revenue and Customs crash and burn – is your organisation next?
HM Revenue and Customs recently lost the personal details of all child benefit recipients in the UK. The loss of data was incurred when a junior member of staff downloaded the entire child benefit database and sent the information, via internal mail and courier to the audit office in London.
This event, which has been described by the Chancellor Alistair Darling as being ‘catastrophic’ and ‘serious’ has left the UK Government open to further criticism and complaints relating to the handling of its data. Earlier this year, during the launch of his annual report, Richard Thomas the Information Commissioner called upon all public sector bodies to take their data protection obligations more seriously. This statement was made following a surge of enquiries and complaints submitted to the Information Commissioners Office (ICO) in 2006/7, relating to the disclosure and loss of personal information.
Following the most recent incident involving HM Revenue and Customs, David Smith, Deputy Information Commissioner has revealed to the House of Lords that the Information Commissioner’s Office (ICO) have called on the Ministry of Justice to make the loss of personal data a criminal office.
“It is crucial that organisations take the necessary steps to protect their data” commented Vernon Poole, Head of Business Consultancy at Sapphire. “Should the ICO achieve its goal and new laws relating to data loss and misuse come in to effect, the loss of data will be detrimental to the success of any organisation.”
Sapphire is an organisation that takes data protection and privacy seriously and has recently partnered with leading security vendor BeCrypt. BeCrypt provides a range of certified products for areas where a high degree of data security is required. BeCrypt's products are certified to CAPS (the CESG Assisted Products Scheme) which endorses cryptographic products for use by HMG and other appropriate organisations. Where this high level of certification is not required, their products carry the CCT Mark (CSIA Claims Tested) a Government quality assurance mark.
The Becrypt range of products are not limited to public sector organisations and can also provide high level assurance for other organisations wishing to secure their corporate data. To receive further information, please contact info@sapphire.net.
NISC – BT and the evolution of security
Sapphire is delighted to announce that Bryan Littlefair, Global VP of Security Research and Development at BT Group has agreed to speak at NISC 2008. Bryan is responsible for the global security pipeline of the UK’s major telecom supplier, and is also responsible for delivering security solutions internally.
Bryan’s presentation entitled ‘Recent and Future Trends of the information Security Space’ will outline what he and his team feel is the future for information security, has the landscape changed over recent years and what will it evolve into. Bryan will also discuss how information security professionals are going to have to adapt to face these new threats.
Bryan joins a long list of speakers for organisations including: BT, City of London Police, Deloitte and Touche, Serious Fraud Office, Cap Gemini and Many more.
The conference is a three day event. Delegates have the opportunity to attend as a residential delegate or a day delegate and registration packages start from as little as £395. NISC covers a wide variety of topics: governance, fraud prevention, data disposal, legal implications of information security, computer forensics, business and information assurance to name but a few. View the agenda or visit the NISC website to request further information.
Wednesday 9th January - New Engineering Foundation (NEF) Awards Ceremony
Institute of Directors, 116 Pall Mall, London, SW1Y 5ED
David Horn, Sapphire, will be presenting at the New Engineering Foundation (NEF) awards ceremony on Wednesday 9th January, 2008. His presentation is a case study of the effects of Digital Forensics in Education and David will present alongside Iain Arthur’s of Gateshead College.
Read More…
Wednesday 30th January - Understanding PCI (Payment Card Industry) Requirements for your Organisation
Stirling Management Centre, Stirling, Scotland
Sapphire is hosting an event on Wednesday 30th January, 2008 at the Stirling Management Centre, Stirling University, Stirling. Sapphire will be joined at the event by partners: Imperva and Virtrium Ltd. The event entitled ‘Understanding PCI Requirements for your Organisation' is completely free to attend and will cover some of the key areas relating to PCI compliance.
Read More…
Monday 10th March - ISACA European CACS Conference
Stockholm
European Computer Audit, Control and Security Conference—The world’s leading conference for IT audit, assurance, security and governance professionals. Vernon Poole, Head of Business Consultancy at Sapphire is speaking at the event as the ISACA UK representative and as an ISM Committee representative. His presentation will cover all current issues relating to metrics and benchmarking.
Read More…
Seasons Greetings
John Morrison