The Swift CSCF is a set of mandatory and advisory security controls designed to protect the global financial community against cyber threats. Banks, payment processors, and other organisations on the Swift network need to implement these controls to keep their operations secure and compliant. Each year, Swift updates the framework to address emerging threats and […]
ISO 27001:2022 Deadline: What You Need to Know Before October 2025
As organisations continue to navigate the ever-evolving landscape of cybersecurity and data privacy, protecting sensitive information is no longer optional – it is a necessity. ISO/IEC 27001 is the internationally recognised standard for Information Security Management Systems (ISMS), providing a systematic framework to safeguard data, mitigate risks, and demonstrate trustworthiness to stakeholders. It defines the […]
Gambling Commission ISO 27001
The Gambling Commission requires that all license holders comply with the Remote Gambling and Software Technical Standards (RTS) and that annual security audits are carried out by an independent, qualified security specialist. In May 2024, the Gambling Commission updated its Remote Gambling and Software Technical Standards (RTS) to align with ISO 27001:2022. The key changes […]
How to Get Certified to ISO 27001?
ISO 27001 is an international standard that provides a framework for Information Security Management Systems (ISMS) to provide continued confidentiality, integrity, and availability of information as well as legal compliance. The standard defines requirements an ISMS must meet, and a well-implemented ISMS provides risk management, cyber-resilience, and operational excellence. Achieving ISO 27001 certification involves […]
How to Get Certified to ISO 27701?
ISO 27701 (Privacy Information Management Systems, PIMS) belongs to the ISO 27000 series, which is a set of standards focused on Information Security Management Systems (ISMS). It is not possible to talk about ISO 27701 without referencing two other standards, ISO 27001 and ISO 27002, as they are very closely related, […]
Data Security and Protection Toolkit (DSPT) 2024/2025 CAF
The new DSPT for 2024/2025 is now aligned to the NCSC Cyber Assessment Framework (CAF). This is version 7 of the DSPT. Organisations are required to have an independent audit assessment to the agreed CAF-aligned DSPT audit framework. Dionach can provide these independent assessments for organisations, which are required to validate self-assessment outcomes. There […]
PCI DSS 4 Requirements Becoming Mandatory End of March 2025
Overview: The 51 future-dated requirements in PCI DSS 4 are becoming mandatory on 31st March 2025. Some of these requirements only apply to service providers and some may not apply to all entities, especially those using specific Self-Assessment Questionnaires (SAQs). Although some of these requirements may already be in place at an entity, some […]
Performing AWS Security Reviews: Ensuring A Holistic Approach
Ensuring a solid security posture for an organisation’s AWS accounts can be quite challenging due to the numerous service options and configurations, as well as the added burden of complying with business requirements and incumbent infrastructure. As AWS services grow in scope and complexity, organisations must adopt a systematic approach to configuring their cloud […]
How NHS Trusts Can Benefit from ISO 27001 Certification
In an era where data breaches and cyber threats are increasingly prevalent, maintaining robust information security has never been more critical. For NHS Trusts, the stakes are particularly high, given the sensitive nature of the data they handle. Achieving ISO 27001 certification can be a game-changer, offering a structured approach to managing and protecting information […]
ISO 27001 Implementation: Common Challenges and How to Overcome Them
ISO 27001 is an internationally recognised standard for information security management, offering a comprehensive framework to help organisations manage and protect their sensitive information. As data breaches and cybersecurity threats continue to rise, more businesses are adopting ISO 27001 to safeguard their assets, reputation, and customer trust. However, implementing ISO 27001 can be a challenging […]