CS Sep-Oct 2021

More documents

Recommendations

Info

asset disposal ADISA SETS THE STANDARD ADISA ASSET RECOVERY STANDARD 8.0 IS FORMALLY APPROVED BY UK INFORMATION COMMISSIONER'S OFFICE determined by their own responses to those key questions. "This has allowed the ADISA Standard 8.0 to introduce a tiering level for the controls, which are put in place in over 30 areas where different risk countermeasures have been identified. With a total number of 221 criteria, this is the most exacting assessment of a data processor within this specific industry," adds Mellings. In July 2019, ADISA CEO Steve Mellings sent a rather speculative email into the ICO, asking for details about how he could apply to get the ADISA ITAD Industry Standard recognised under Article 42 of the then EU GDPR. "That request now seems a very long time ago," he reflects, "as we have battled through Brexit, creation of UK GDPR and, of course, COVID challenges. But, as per the ICO press release on 19 August, I'm delighted to now be able to publicly confirm that ADISA IT Asset Recovery Standard 8.0 has become one of the first Standards approved by the Commissioner." DATA IMPACT ASSURANCE LEVELS "A key part of our work with the ICO was to find a way to empower the data controller to make decisions on critical processes undertaken during the asset recovery and data sanitisation activity which they may not even be aware of," explains Mellings "These processes introduce risk and the ICO made it clear that the data controller needed to be made aware of these and be able to determine the level of controls required." This caused much discussion about how it could be achieved without a requirement for the data controller to be completely handson in the process and it wasn't until he remembered the old CESG Business Impact Levels that the solution became apparent. "By customising that concept, ADISA has created the 'Data Impact Assessment Level' or 'DIAL'. This is a formula in which the data controller answers five simple questions, which will then identify them at a particular DIAL rating. These questions are based on threat, risk appetite, categories of data, volume of data and, finally, impact of a data breach, and will enable the controller to present to their supplier a 'DIAL that is WHAT DOES THIS MEAN AND HOW CAN IT HELP YOU? "In short, it means that, over the two-year period, we've worked with the Commissioner to agree on what needs to happen during the Asset Recovery and Data Sanitisation process for it to be viewed as UK GDPR compliant. With data protection and cyber security being a complex area, this new ICO-approved Standard can help fix one problem that many don't even know they have - how to dispose of retired assets and ensure regulatory compliance." WE'RE ONLY HALFWAY THERE "Whilst Standard 8.0 has now been formally recognised, we are now undertaking the second part of our project, which is to get our auditing process UKAS accredited, such that we have a UK GDPR-approved scheme," he adds. "We've been working on this behind the scenes for over 12 months and our application to UKAS is now in, and we expect this process to take between 6-9 months. This will provide ample time for existing certified ITADs and new applicants to working towards 8.0 to ensure those companies certified to Standard 8.0 can genuinely evidence UK GDPR compliance." To find out more, go to https://adisa.global - or just click here. 30 computing security September 2021 @CSMagAndAwards www.computingsecurity.co.uk
CS Nominations 2021 NOMINATIONS OPEN NOW - AND WE WANT YOUR VOTES! THE COMPUTING SECURITY AWARDS 2021 ARE FAST APPROACHING, SO IT'S TIME FOR YOU, OUR READERS, TO CAST YOUR VOTES FOR THE COMPANIES, PRODUCTS AND SERVICES THAT HAVE IMPRESSED YOU MOST IN THE PAST 12 MONTHS It’s official: the Computing Security Awards for 2021 will be taking place LIVE in London in December! (Page 3) Forced to go 'virtual' last year, the news couldn't be more welcome - and we plan to celebrate the occasion with all the panache and passion of previous awards. In the meantime, we need you - our readers - to play a key part in the build-up by nominating those Companies, Products & Services you feel deserve recognition for the impact they have had over the last 12 very difficult months. You may want to reflect on some of the following criteria, for example, in reaching your verdict: Which companies have helped to secure your organisation's digital infrastructure over the past year? What Cyber Security products/ services have most impressed you? Are you a Cyber Security company that’s proud of the service or technology you have provided to customers? Go to the awards nominations page now - computingsecurityawards.co.uk - and cast your votes. HERE IS THE FULL LIST OF THE 2021 AWARDS CATEGORIES AWAITING YOUR VOTES: Advanced Persistent Threat (APT) Solution of the Year AI and Machine learning based Security Solution of the Year Anti Malware Solution of the Year Anti Phishing Solution of the Year Cloud-Delivered Security Solution of Year Compliance Award - Security Contribution to CyberSecurity Award - Person Customer Service Award - Security Cyber Security Innovation Award: Countering Covid-19 .DLP Solution of the Year Editor's Choice - Benchtested Email Security Solution of the Year Encryption Solution of the Year Enterprise Security Solution of the Year Identity and Access Management Solution of the Year Incident Response & Investigation Security Service Provider of the Year Mobile Security Solution of the Year Network Security Solution of the Year New Cloud-Delivered Security Solution of the Year New Security Software Solution of the Year One to Watch Security - Company One to Watch Security - Product Penetration Testing Solution of the Year Remote Monitoring Security Solution of the Year Secure Data & Asset Disposal Company of the Year Security Company of the Year Security Distributor of the Year Security Education and Training Provider of the Year Security Project Category(s) of the Year Security Reseller of the Year Security Service Provider of the Year SME Security Solution of the Year Threat Intelligence Award Web Application Firewall of the Year To discuss nominating, voting, becoming a sponsor or booking seats at the Awards ceremony, please contact: Edward O'Connor Email: edward.oconnor@btc.co.uk Tel: +44 (0) 1689 616000 Lyndsey Camplin Email: lyndsey.camplin@btc.co.uk Stuart Leigh Email: stuart.leigh@btc.co.uk CS AWARDS 2021 - KEY DATES: Nominations open - 20 August Nominations close - 24 September Finalists announced & voting opens - 1 October Voting closes - 19 November Awards Ceremony - 2 December www.computingsecurity.co.uk @CSMagAndAwards September 2021 computing security 31
Page 1 and 2: Computing Security Secure systems,
Page 3 and 4: comment 2021 COMPUTING SECURITY AWA
Page 5 and 6: There’s a difference between feel
Page 7 and 8: ADISA ICT Asset Recovery Standard 8
Page 9 and 10: UNIQUE EVENT FOR THE CYBER SECURITY
Page 11 and 12: ansomware BASIC SECURITY IS ESSENTI
Page 13 and 14: 50 % OFF RANSOMWARE PREVENTION & PR
Page 15 and 16: information security things, but, w
Page 17 and 18: health check This has enabled indiv
Page 19 and 20: global intelligence will have impli
Page 21 and 22: all at sea CRUISING FOR A BRUISING
Page 23 and 24: all at sea Secondly, adversaries' c
Page 25 and 26: information security more effective
Page 27 and 28: new-world shakeup for every employe
Page 29: global intelligence Incident Notif
Page 33 and 34: APTs malware to install backdoors t
Page 36: Pragmatic and experienced risk mana

CS Sep-Oct 2021

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?