ICC detects and contains new sophisticated cyber security incident Late last week, the International Criminal Court (“ICC” or “the Court”) detected a new, sophisticated and targeted cyber security incident, which has now been contained. This incident, the second of this type against the ICC in recent years, was swiftly discovered, confirmed and contained, through the Court’s alertContinue reading “June 2025: Major Data Breaches and Cyber Attacks”
Tag Archives: informationsecurity
Proxy vs VPN
What is Proxy? An internet proxy (or proxy server) is an intermediary system that sits between your device and the internet. When you use a proxy, your internet requests (like visiting a website) are first sent to the proxy server. The proxy then forwards these requests to the destination website or online service on yourContinue reading “Proxy vs VPN”
May 2025: Major Data Breaches and Cyber Attacks
South African Airways hit by cyber attack South African Airways (SAA) has become the latest organisation to fall victim to a cyber attack. In a statement released today, the flagship carrier of South Africa says it has been impacted by a significant cyber incident that began on Saturday, 3 May. According to SAA, the breachContinue reading “May 2025: Major Data Breaches and Cyber Attacks”
April 2025: Major Data Breaches and Cyber Attacks
Ransomware surge: Sensata Technologies, US state agencies targeted in widespread cyber incidents Industrial technology company Sensata Technologies disclosed that the company experienced a ransomware attack that encrypted parts of its network. The company took its systems offline, initiated response protocols, and launched an investigation with third-party cybersecurity experts. Law enforcement has been notified and is involved. ThisContinue reading “April 2025: Major Data Breaches and Cyber Attacks”
Transitioning to PCI DSS 4.0: Essential Compliance Updates
The shift from PCI DSS 3.2.1 to 4.0 brings critical security enhancements to protect payment card data against evolving cyber threats. If your organization processes payments, these changes will impact you. The below table highlights changes for each requirement: Requirement PCI DSS v3.2.1 PCI DSS v4.0 (Changes & Enhancements) 1: Install and maintain a firewallContinue reading “Transitioning to PCI DSS 4.0: Essential Compliance Updates”
March 2025: Major Data Breaches and Cyber Attacks
Data breach at Japanese telecom giant NTT hits 18,000 companies Japanese telecommunication services provider NTT Communications Corporation (NTT) is warning almost 18,000 corporate customers that their information was compromised during a cybersecurity incident. The data breach was discovered in early February 2025, but the exact date when the hackers gained initial access to NTT’s systemsContinue reading “March 2025: Major Data Breaches and Cyber Attacks”
Implementing ISO 27001: A Step-by-Step Guide
Steps to implement ISO 27001 Context Setting What activities you should follow: These activities should deliver the following: The below templates can be used for documentation purposes: Risk Assessment Threats, Vulnerabilities & Risks Threat: A potential cause of an unwanted Incident, which may result in harm to a System or Organization Vulnerability: A vulnerability isContinue reading “Implementing ISO 27001: A Step-by-Step Guide”
Understanding ISMS: Scope and Key Clauses Explained
Scope and Applicability It is applicable to all organisations whether commercial, government or Non profit. It covers and specify the requirements for the following: PDCA Cycle Clauses: Clause 4: Context of Organization Clause 5: Leadership Clause 6: Planning Clause 7: Support Clause 8: Operation Clause 9: Performance evaluation Clause 10: Improvement
AWS Security – Part 1- Securing Root Account with MFA
Task: Create AWS account and set up for below tasks What is the need to perform this: Securing an AWS root account is crucial because it has unrestricted access to all resources and services within your AWS environment. If compromised, an attacker could delete resources, steal data, or even lock you out of your ownContinue reading “AWS Security – Part 1- Securing Root Account with MFA”
Audit Conclusions
Objectives of Audit Conclusions Preparing Audit Conclusions ISO 19011, clause 6.4.9 Before the closing meeting, the auditors meeting consult each other to: Discussing Audit Conclusions with the Auditee It is important to discuss audit findings and conclusions with the management before the closing meeting and submitting the final report to: Closing Meeting Agenda Model PreparingContinue reading “Audit Conclusions”
