URM Consulting
United Kingdom
Joined 7 Feb 2014
URM is dedicated to providing high quality, cost-effective and tailored consultancy and training in the areas of information security, business continuity, and risk management.
URM's mission, through our consultancy and training services and our risk management software, is to assist you achieve the levels of information security and business continuity which are commensurate with the objectives and culture of your organisation and which also meet international standards, regulations and legislation. With our risk-based and pragmatic approach and knowledge transfer philosophy, URM's goal is to work with you to ensure any implementation reflects your organisation, is understood and sustainable.
InfoSec Insider Podcast - Common Pitfalls with ISO 27001
In this episode of InfoSec Insider, Frazer Grudgings, Senior Consultant at URM, highlights the common pitfalls and mistakes he frequently sees organisations make when implementing ISO 27001, and explores the steps you can take to avoid these pitfalls. Frazer draws upon his 15+ years of experience assisting organisations to implement ISO 27001 to discuss:
- The most common mistakes made and challenges faced by organisations implementing ISO 27001
- How to avoid making these mistakes and ensure your ISO 27001 implementation and certification process is as smooth and seamless as possible
- Where you can look for help and support with your ISO 27001 implementation, both within your organisation and externally.
- Learn more about this topic: www.urmconsulting.com/blog/common-pitfalls-identified-in-organisations-seeking-iso-27001-certification
If you enjoyed this episode of InfoSec Insider, you can leave us a rating and review here: ratethispodcast.com/infosecinsider
You can find more episodes of InfoSec Insider here: urmconsulting.com/podcasts
Brought to you by URM, the UK’s leading information and cyber security specialists.
Views: 6
Videos
Webinar - ISO 13485: What, Why and How INTRO
Views 89 hours ago
ISO 13485 is an international quality management system (QMS) standard which has been developed specifically for the medical device industry and is one of the fastest growing ISO standards. It outlines the requirements for establishing a QMS that demonstrates an organisation’s capability (through the entire lifecycle, from design to disposal) to consistently and safely deliver medical devices a...
InfoSec Insider Podcast - Facial Recognition Technology
Views 923 hours ago
In this episode of InfoSec Insider - Talk DP, Martin Brazier, Senior Consultant at URM, explores the key challenges of and considerations for maintaining data protection compliance when using facial recognition technology (FRT). Martin leverages his 20 years of specialism in information management and data protection to discuss: - The different types of FRT and what they are used for - Real-wor...
InfoSec Insider Podcast - ISO 9001 Implementation
Views 1914 days ago
In this episode of InfoSec Insider, Sue West, one of URM’s Senior Consultants, breaks down 2 of her ‘golden rules’ for successful implementation of ISO 9001, the International Standard for Quality Management Systems (QMS’). Sue leverages more than 25 years of experience establishing, managing and auditing QMS’ to provide key insights on: - The meaning of top management ‘leadership and commitme...
Webinar - SOC 2: What, Why and How - INTRO
Views 2921 days ago
SOC 2 (Service Organization Control 2) is an information security control framework aimed at providing third-party assurance of a service organisation’s ability to manage and safeguard sensitive customer data. The framework focuses on adhering to specific criteria (security, availability, processing integrity, confidentiality, and privacy) for key systems. SOC 2 assessments are conducted by ind...
InfoSec Insider Podcast - Fines Imposed by the ICO in 2023
Views 1121 days ago
In this episode of InfoSec Insider - Talk DP, Stuart Skelly, a Senior GRC Consultant at URM, provides a break down and analysis of the enforcement actions delivered since the beginning of 2023 by the Information Commissioner’s Office (ICO), the UK’s privacy regulator, to highlight emerging trends and lessons that can be learned from how the ICO enforces data protection legislation such as the U...
InfoSec Insider Podcast - PCI DSS - New Requirements for E-Commerce
Views 3028 days ago
In this episode of InfoSec Insider, Alastair Stewart, Payment Card Industry Qualified Security Assessor (PCI QSA) and Senior Consultant at URM, explores some of the new requirements for e-commerce pages in version 4.0 of the PCI Data Security Standard (PCI DSS), providing valuable advice and guidance on what organisations can do to remain PCI DSS compliant as they transition to v4.0. Alastair l...
InfoSec Insider Podcast - Everything You Need to Know About DSARs
Views 28, a month ago
In this episode of InfoSec Insider - Talk DP, Rachael Salter, Senior Data Protection Consultant at URM, discusses organisations’ obligations under the General Data Protection Regulation (GDPR) when fulfilling data subject access requests (DSARs) and the challenges associated with processing these requests. Rachael leverages her 10 years of experience working in data protection compliance to pro...
InfoSec Insider Podcast - Certificate in Information Security Management Principles (CISMP)
Views 95, a month ago
In this episode of InfoSec Insider, Wayne Armstrong, Senior Information Security Consultant at URM, discusses the Certificate in Information Security Management Principles (CISMP), a BCS managed, foundation-level information security qualification. Drawing upon his 30 years’ experience in IT, information security and risk management, Wayne discusses: • What the CISMP is • What is covered in the C...
InfoSec Insider Podcast - GDPR Back to Basics
Views 40, a month ago
In this episode of InfoSec Insider - Talk DP, Stuart Skelly, a Senior GRC Consultant at URM, takes us ‘back to basics’ with the General Data Protection Regulation (GDPR), breaking down the key data protection concepts and terminology you will need to understand if you want to achieve and maintain compliance with the GDPR. Stuart leverages his 25 years of specialisation in data protection law to...
InfoSec Insider Podcast - Comparison of ISO 9001 and ISO 27001
Views 152 months ago
In this episode of InfoSec Insider, Sue West, one of URM’s Senior Consultants, offers helpful advice and guidance on how to integrate multiple management systems which are conformant to/certified against ISO standards, with a particular focus on integrating an ISO 9001 quality management system (QMS) and an ISO 27001 information security management system (ISMS). Sue leverages her 25 years of e...
Webinar - 5 Steps to Improve Your Supplier Information Security Risk Management - INTRO
Views 553 months ago
It is argued that your security is often only as good as your suppliers and other providers in your supply chain. Suppliers pose a significant risk to your organisation’s information security and data protection posture. If suppliers have access to your sensitive information including personally identifiable information (PII) and do not have adequate security controls and practices in place, th...
3 Peaks Challenge Interview. Martin's motivation.
Views 463 months ago
Listen to our interview with Martin, one of our colleagues at URM who will be taking on the 3 peaks challenge on 11 July. In this interview, Martin discusses his motivation for attempting the challenge, and shares his thoughts on the response he’s received to his fundraising efforts. Martin, along with Matt and Lisa, 2 other colleagues from URM, will be taking on the 3 peaks challenge in memory...
Webinar - Getting the Most From Your Pen Testing Programme - INTRO
Views 293 months ago
Penetration testing, or ‘pen testing’ is an authorised, simulated cyberattack where an expert tester attempts to find and exploit vulnerabilities in an application, system or network. The purpose is to identify and prioritise the mitigation of risks and proactively address vulnerabilities before they can be maliciously exploited (and therefore avoid a breach). Pen testing will help you comply w...
Webinar - Data Protection in the UK: What Next? - INTRO
Views 714 months ago
6 years on from the release of the GDPR, URM’s senior practitioners will be taking stock of the state of data protection in the UK today in this upcoming URM webinar. To start, we will be examining where the UK’s supervisory authority, the Information Commissioner’s Office (ICO) has been focussing its attention in terms of enforcement actions (of all kinds - not just fines, but enforcement noti...
Webinar - A New Management System Standard for AI - ISO 42001 - INTRO
Views 2295 months ago
Webinar - ISO 27001 Implementation and Certification - INTRO
Views 1076 months ago
Webinar - Transitioning to PCI DSS v4 - INTRO
Views 1677 months ago
Webinar - Preparing for a Successful Cyber Essentials and Cyber Essentials Plus Certification INTRO
Views 1207 months ago
Webinar - Transitioning to ISO 27001:2022 INTRO
Views 1548 months ago
Webinar - DPIAs and DTIAs - Reducing The Fear INTRO
Views 3810 months ago
Webinar - Business-led Penetration Testing INTRO
Views 5211 months ago
Webinar - How to Conduct Business Impact Analyses (BIAs) - INTRO
Views 62, a year ago
Webinar - Are You Ready for PCI DSS v4.0? - INTRO
Views 269, a year ago
Webinar - Transitioning to ISO 27001:2022 - INTRO
Views 113, a year ago
Webinar - How to Respond to a Data Subject Access Request (DSAR) - INTRO
Views 454, a year ago
Webinar - Penetration Tests Trends and Emerging Threats - Intro
Views 64, a year ago
Webinar - Cyber Essentials: Preparing for Montpellier v3.1- INTRO
Views 155, a year ago
URM Vlog. ISO 27001:2022 - What's New? Episode 01
Views 201, a year ago
For all beginners, 02:12 is very important. Take notes
Hi, please how do I access the full webinar
The background music is distracting
crisp n clear!! love the clean English.. no pigon ;-)
Very useful but background music is so loud! Would be great with no background music 🎼. Thank you
Thank you for the material.
Perfect overview of ISO 27001 Risk Management. Thank you so much.
I support all trans 🏳️⚧️
Very useful piece
amazing video, complete, clear thank you !
Can you please recommend a solution for Dual Control to meet PCI compliance?
The bg music makes it hard
Not mentioning the clause by name during the explanation, makes this video useless
Helpful video. But... somebody buy that guy a new microphone.
Great video, which the music wasn’t added
Great summary. Thank you
That is a very very good summary of ISO 27001. I saved for later watchings. I think, it's very useful to renew our knowledges.
This video is better than the best and it has very useful content
11 new controls introduced in the ISO 27001 2022 revision:
- A.5.7 Threat intelligence
- A.5.23 Information security for use of cloud services
- A.5.30 ICT readiness for business continuity
- A.7.4 Physical security monitoring
- A.8.9 Configuration management
- A.8.10 Information deletion
- A.8.11 Data masking
- A.8.12 Data leakage prevention
- A.8.16 Monitoring activities
- A.8.23 Web filtering
- A.8.28 Secure coding
great video without background music
I had to rewind several times the parts where background music was being played.
How to become qualified to work as PCI DSS analyst?
Really awesome. Please add more videos on Information security...
Namaste. The 12 requirements of PCI DSS are:
- Install and maintain a firewall configuration to protect cardholder data
- Do not use vendor-supplied defaults for system passwords and other security parameters
- Protect stored cardholder data
- Encrypt transmission of cardholder data across open, public networks
- Use and regularly update anti-virus software or programs
- Develop and maintain secure systems and applications
- Restrict access to cardholder data by business need to know
- Assign a unique ID to each person with computer access
- Restrict physical access to cardholder data
- Track and monitor all access to network resources and cardholder data
- Regularly test security systems and processes
- Maintain a policy that addresses information security for all personnel
Please I want to contact you for a very important thing
Great info, please reduce the bg music by about 60% or remove.
music is too loud
Nice summarisation.
Great!
Great I really enjoyed this, thank you
Fantastic video, crisp n clear!! Thanks
Very well done presentation!
Excellent, easy to understand, presentation. Thank you!
Without background music, would be better
Really useful Lisa - thank you!
Thank you. Great summary.
Great video, helped me a lot! However, the background music is extremely annoying. Thanks for informative video!
painful