Tag Archives: Enforcement

BeCyberSure launches specialist EU GDPR Risk Assessment service

Information security specialist BeCyberSure has announced the launch of the “most comprehensive GDPR Risk Assessment available”. Conducted by security, risk and compliance specialists, the audit provides organisations with a definitive evaluation of their EU GDPR (General Data Protection Regulation) readiness, as well as what needs to be done to ensure compliance ahead of the 25 May 2018 deadline.

The GDPR supersedes the UK’s Data Protection Act 1998 and applies to every company that collects, processes or stores an EU citizen’s data, regardless of sector, size and geographical location. Enforcement of the GDPR is unaffected by the UK’s decision to leave the EU.

The BeCyberSure GDPR Risk Assessment is said to provide the most rigorous audit process available. The assessment is conducted on and off site by a GDPR specialist, beginning with a detailed review of company policies and governance, procedures and processes, an assessment of physical aspects (such as access to buildings and the storage of paper documents, etc.) and, if deemed necessary, an extensive digital vulnerability test. The audit also involves formal and informal (ie covert) interviews with employees as well as heads of department.

EUGDPRWeb

Carolyn Harrison, marketing director at BeCyberSure, explained that the GDPR is a company-wide issue and should not sit solely with IT.

“Our assessment begins with people, policies and processes to reveal any possible vulnerabilities that would result in non-compliance,” urged Harrison. “We then deep-dive, looking at what data the organisation is capturing, how it’s processed, what consent has been given, where it’s stored and how to dispose of all information that’s not required.” Harrison added: “The best technology in the world can be rendered useless if an open door, whether physical or digital, creates the opportunity to access to data.”

Following the audit, the host organisation is presented with a confidential Advisory Report stating what action (if any) is required to ensure GDPR compliance.

On that note, Harrison stated: “This report is invaluable in terms of benchmarking where an organisation is today, where they need to get to and the best course of action to get there. They can then choose to implement the programme of work themselves, collaborate with BeCyberSure or outsource the entire project to us.”

BeCyberSure has a senior team of GDPR auditors who have a wealth of experience with backgrounds in risk management and compliance, cyber security, policing, intelligence services and the military.

Harrison concluded: “There’s a lot of scaremongering going on about the GDPR and, while it’s true that the potential fines are eye-watering and the threat of personal liability daunting, if organisations act now, then they still have time to put the necessary safeguards in place to be GDPR-compliant. Undertaking a Risk Assessment is the first step in the due diligence process and means that organisations are not spending unnecessarily on their route to compliance.”

*For further information access www.becybersure.com

Leave a comment

Filed under Risk UK News, Uncategorized

Crossrail supports SIA-led multi-agency enforcement operation in central London

A targeted, multi-agency operation checking security licensing, visa offences and employee pay took place on Wednesday 22 January across central London.

With the support of Crossrail Limited, investigators from the Security Industry Authority (SIA) were joined by officers from the Metropolitan Police Service and officials from HM Revenue and Customs as well as Home Office Immigration and Enforcement.

The taskforce was assembled to conduct checks on individuals working on Crossrail construction sites around central London. The Crossrail project involves numerous construction sites and the employment of several private security companies to protect them.

Dave Humphries: the SIA's director of partnerships and interventions

Dave Humphries: the SIA’s director of partnerships and interventions

This partnership operation was conducted to ensure that those working across the 12 sites were correctly SIA licensed, have the right to work in the UK and were being paid at least the National Minimum Wage.

Numerous sites visited across London

The taskforce visited sites across Paddington, Bond Street, Liverpool Street, Woolwich, Plumstead and Custom House, checking 40 security officers in total. Of those inspected, 39 were correctly SIA licensed. One individual was found to be working unlicensed at Paddington. Enquiries are ongoing.

There were five warnings issued to security officers who had failed to notify the SIA of a change of their address and who failed to display their licence. Both are a breach of SIA licensing conditions.

Bill Butler: CEO at the SIA

Bill Butler: CEO at the SIA

One arrest was made on an individual suspected of breaching his visa conditions. Enquiries are being taken forward by Home Office Immigration and Enforcement.
All individuals stated that they were being paid above both the London Living Wage and the National Minimum Wage.

Dave Humphries, the SIA’s director of partnerships and interventions, said: “This SIA-led operation has been made possible with the support and co-operation of key partners. The co-operation of the enforcement partners involved shows the cross-organisational commitment to ensuring that those working on and operating construction sites are doing so legally.”

Humphries added: “The successful results of this operation will reassure the public that we will continue to work with this multi-agency approach to ensure compliance with the law.”

HMRC’s Jennie Granger, director general of enforcement and compliance, stated: “HMRC is pleased to work with our partner agencies to make sure that workers in the UK are paid what they’re entitled to and pay any tax owed, in turn creating a level playing field for employers and employees.”

Leave a comment

Filed under IFSECGlobal.com News