Archive

15
June 2023

Trustfolio Ltd Secures Certification to ISO 27001

URM would like to congratulate Trustfolio Ltd, a leading ‘debt-tech’ firm on securing certification to ISO 27001, the International Standard for Information Security Management. By obtaining ISO 27001 certification, Trustfolio has demonstrated its commitment to maintaining a proactive approach to managing information security, improving its risk management processes, and protecting sensitive information from a range of threats. - Lou Yates, Co-founder and CEO of Trustfolio comments ‘As a leading provider of superior debt solutions and advice through powerful, bespoke technology, information security is of paramount importance to Trustfolio.’

Read moreRead more
2
June 2023

URM at Oxford Business Expo

URM is pleased to announce it will be attending the Oxford Business Expo at the Kassam Stadium on Thursday, 15 June 2023.  The Expo is Oxford's largest networking event for local businesses. URM can be found on Stand 17 at the Expo, where it will be providing advice and guidance to attendees on how they can improve their information security and how they can best protect themselves against the latest cyber threats.

Read moreRead more
6
April 2023

URM Transitions to ISO 27001:2022

Having been certified to ISO 27001 since 2005, when the world’s foremost information security management standard was originally published, URM became one of the UK’s first organisations to transition to the latest version of the Standard (2022) in April 2023.  Lisa Dargan, Director, at URM comments “ISO 27001 has always been absolutely central to the consultancy, training services and products we offer, and we were delighted to be one of the first to transition to the 2022 version. Our experiences are proving invaluable too in helping to advise and guide others achieve a seamless transition.”

Read moreRead more
24
January 2023

Cyber Essentials Scheme Being Updated on 24 April 2023

On 23 January 2023, the National Cyber Security Centre (NCSC) published an updated set of requirements, version 3.1, for the Cyber Essentials Scheme which come into force on 24 April 2023.   Whilst the changes are described as being more light touch in comparison to the 2022 update, extra guidance and clarification is provided on compulsory and non-compulsory controls.  A significant number of clarification and guidance updates have been made to improve the user friendliness and accessibility of the Scheme.  Of greater significance to many organisations, 24 April 2023 represents the deferred date when they will need to meet the 2022 update requirements by protecting all Cloud-based user accounts with multi-factor authentication (MFA), removing or segregating all unsupported software and supporting all in-scope thin clients with security updates.

Read moreRead more
10
January 2023

URM Awarded Accreditation to the CREST OWASP Verification Standard

In November 2022, URM became one of the first companies in the UK to be awarded accreditation to the CREST OWASP Verification Standard (OVS ) to deliver both Level 1 and Level 2 Application Security Verification Standard (ASVS) and Mobile Application Security Verification Standard (MASVS) assessments for Web and mobile applications.

Read moreRead more
25
October 2022

ISO/IEC 27001:2022 Published on 25 October

On 25 October 2022, the International Organization for Standardization published the latest version of ISO 27001 and updated its title to ‘Information security, cybersecurity and privacy protection — Information security management systems — Requirements’.  In line with its title, this latest version of ISO 27001 reflects a broader context and that preventing, detecting and responding to cyberattacks is now considered, as well as protecting information and data.

The 2022 version of the Standard provides the updated requirements for establishing, implementing, maintaining and continually improving an information security management system (ISMS) within the context of your organisation.

Read moreRead more

URM Analyses ICO’s Enforcement Actions Since the GDPR was Introduced in 2018

Published on:
14 Mar
2024

URM’s blog breaks down which Articles of the GDPR have seen the greatest number of enforcement actions by the ICO, and which have gone largely unenforced.

Read more
Thumbnail of the Blog Illustration
Information Security
Published on:
13/3/2024
How to Meet the ISO 27001 Requirements Around Interested Parties

URM’s blog provides advice and guidance on how you can meet the ISO 27001 requirements around interested parties and their needs and expectations.

Read more
Thumbnail of the Blog Illustration
Information Security
Published on:
8/3/2024
Lessons Learnt from Early ISO 27001:2022 Transitions

URM’s blog, produced in collaboration with BSI, discusses common mistakes we have seen in early ISO 27001:2022 transitions, and how to avoid them.

Read more
Thumbnail of the Blog Illustration
Penetration Testing
Published on:
6/3/2024
What Do You Do After a Security Incident?

URM’s blog discusses the testing, assessments, exercises and reviews you can conduct following a cyber security incident to strengthen your security posture.

Read more
"
URM were super helpful and knowledgeable, talking and walking me through each one of the tests and providing some useful information on security and how to improve things in the future.
contact US

Let us help you

Let us help you in your compliance journey by completing the form and letting us know how we can best support you.