Blogs

URM’s blog explores common pen testing mistakes & how to avoid them, and simple improvements you can immediately implement to enhance your security posture.

URM’s blog breaks down the EU AI Act and discusses its scope, requirements, how it will be enforced, how it may impact the UK & the rest of the world, and more.

URM’s blog provides a stage-by-stage breakdown of the key steps you will need to take to conduct effective supplier information security risk management.

URM’s blog outlines the top 10 most common vulnerabilities we identify when conducting pen tests, the associated risks, and how they can be fixed/avoided.

URM’s blog offers advice and guidance on how to implement and maintain an ISO 9001-aligned QMS and receive the maximum benefit from your investment.

URM’s blog reviews ICO enforcement activities for the 1st half of 2024, highlighting trends & shifts in how it enforces against data protection breaches.

URM’s blog offers advice on answering questions in the Cyber Essentials SAQ which relate to access control, admin accounts and authentication methods.

URM’s blog discusses everything you need to know about the CISMP, including its benefits, who it’s suited to, the topics the CISMP covers, and more.

URM’s blog explores a recent ECJ ruling which dictates that oral job references are covered by the GDPR

URM’s blog outlines the key steps you can take during and after a penetration test to improve your organisation’s security posture.

URM’s blog explores artificial intelligence impact assessments (AIIAs) and offers advice on how to conduct these assessments in full conformance with ISO 42001.

URM’s blog explores the data protection considerations for data analytics tools, and how to reap their many benefits while still maintaining GDPR compliance.

URM’s blog dissects the new PCI DSS requirements around targeted risk analysis, what they involve, and how the 2 types of TRA in the Standard differ.

URM’s blog drills down into the PCI DSS v4.0 requirements around forced password changes, with a particular focus on the addition of zero-trust architecture.

URM’s blog discusses how to prevent and mitigate the damage done by ransomware attacks, and how penetration testing can help your organisation avoid them.

URM’s blog explores the first formal European response to the DPDI Bill, and how the Bill may jeopardise the UK’s adequacy status when it reforms the UK GDPR.

URM’s blog explores ISO 42001, its intentions and structure, and the AI perspectives that will need to be considered by organisations implementing the Standard.

URM’s blog discusses the common pitfalls of the ISO 27001 implementation and certification process, and how you can avoid making the same mistakes.

URM’s blog drills down into ISO 27001 audits, offering advice on how to effectively develop and implement an ISO 27001 conformant audit programme.

URM’s blog discusses the data protection considerations for utilising AI technologies, and how organisations can stay GDPR compliant in their use of AI.

URM’s blog explains the wording changes in Requirement of the PCI DSS v4.0, offering advice on how organisations can select and use the most appropriate NSCs.

URM’s blog discusses the key steps to take in order to develop robust and effective business continuity plans which will enable you to recover from disruption.

URM’s blog discusses the best next steps your organisation can take following Cyber Essentials certification to further enhance its security posture.

URM’s blog discusses how to prevent and mitigate the damage done by ransomware attacks, and how penetration testing can help your organisation avoid them.

URM’s blog discusses the Data Protection and Digital Information (DPDI) Bill, how it will diverge from the current GDPR, and the impact it may have when passed.

URM’s blog answers key questions about the practicalities of PCI DSS v4.0 transition assessments and how you can best prepare for a successful v4.0 transition.

URM’s blog discusses common issues we see with Cyber Essentials and Cyber Essentials Plus certification projects, and how you can avoid making the same mistakes

URM’s blog breaks down which Articles of the GDPR have seen the greatest number of enforcement actions by the ICO, and which have gone largely unenforced.

URM’s blog provides advice and guidance on how you can meet the ISO 27001 requirements around interested parties and their needs and expectations.

URM’s blog, produced in collaboration with BSI, discusses common mistakes we have seen in early ISO 27001:2022 transitions, and how to avoid them.