Services Archives - L2 Cyber Security Solutions Ltd.

Cyber Security for Charities

Liam — Wed, 10 May 2023 20:49:56 +0000

In today’s digital landscape, charities face increasing cyber threats that can compromise sensitive data and damage their reputation. Safeguarding your organisation’s information is crucial to maintaining trust and ensuring the continuity of your charitable work. By implementing simple cyber security measures, you can significantly enhance your defences. In this post, I will explore valuable tips to help your cyber security for charities and enable you to bolster your cyber security posture.

Use Multi-factor Authentication (MFA):

Implementing MFA adds an extra layer of security to your accounts by requiring multiple forms of authentication. This significantly reduces the risk of unauthorised access even if a password is compromised. Enable MFA for your email, cloud storage, social media and other critical business applications.

Implement Strong Password Policies:

Encourage your staff and volunteers to use complex passwords that include a mix of letters, numbers, and symbols. Discourage them from reusing passwords across different accounts. Consider implementing a password manager to securely generate and store strong passwords.

Educate Your Staff and Volunteers:

Start by ensuring that all staff and volunteers are aware of the importance of cyber security. Conduct at least annual training sessions to educate them about potential threats, such as phishing emails and suspicious websites. Teach them how to create strong, unique passwords and emphasise the significance of MFA.

Update Software Regularly:

Outdated software can leave your charity vulnerable to cyber attacks. Regularly update your operating systems, applications, and security software to ensure you have the latest patches and bug fixes. Enable automatic updates whenever possible to streamline the process.

Backup Your Data:

Regularly backing up your charity’s data is crucial. Choose a secure, reliable cloud-based backup solution or an offline backup method to protect your critical information. Test the restoration process periodically to ensure the backups are functioning correctly.

Secure Your Wi-Fi Network:

A secure Wi-Fi network is vital for protecting sensitive charity data. Change the default router password and ensure that you use strong encryption, such as WPA2 or WPA3. Additionally, create a separate guest network for visitors and ensure that it is isolated from your internal network.

So that is how you can do cyber security for charities

Cyber security is of paramount importance for charities, as it protects sensitive data and preserves the trust of supporters. By following these essential cyber security tips, charities can significantly strengthen their defences against cyber threats. Maintain a proactive approach to cyber security for charities, regularly review and update your security measures, and stay vigilant to evolving risks. With robust cyber security measures in place, your charity can continue making a positive impact while safeguarding its digital assets.

L2 Cyber Security can help you with all of the above if you want

We are a completely independent cyber security consultancy. We have no solutions or products to sell and are a small business, so we can focus on delivering appropriate and relevant services to this sector. Also, we offer a 10% discount on all of our standard rates to registered charities.

If you want to carry out your own cyber risk assessment, we suggest that you use the ENISA (the EU Agency for Cybersecurity) on-line assessment tool.

Let’s be careful out there.

#SecuritySimplified

The post Cyber Security for Charities appeared first on L2 Cyber Security Solutions Ltd..

Cyber Security for Small Business

Liam — Wed, 10 May 2023 17:20:24 +0000

In today’s connected world, small businesses are increasingly vulnerable to cyber threats. Protecting your business from potential breaches and data leaks is essential for maintaining trust and safeguarding your reputation. Fortunately, there are simple steps you can take to enhance your cyber security. In this post, I will discuss some valuable tips to help your cyber security for small business and stay safe in the online realm.

Use Multi-factor Authentication (MFA):

Implement Strong Password Policies:

Encourage your employees to use complex passwords that include a mix of letters, numbers, and symbols. Discourage them from reusing passwords across different accounts. Consider implementing a password manager to securely generate and store strong passwords.

Educate Your Staff:

Start by ensuring that all employees are aware of the importance of cyber security. Conduct at least annual training sessions to educate them about potential threats, such as phishing emails and suspicious websites. Teach them how to create strong, unique passwords and emphasise the significance of MFA.

Update Software Regularly:

Outdated software can leave your business vulnerable to cyber attacks. Regularly update your operating systems, applications, and security software to ensure you have the latest patches and bug fixes. Enable automatic updates whenever possible to streamline the process.

Backup Your Data:

Regularly backing up your business data is crucial. Choose a reliable cloud-based backup solution or an offline backup method to protect your critical information. Test the restoration process periodically to ensure the backups are functioning correctly.

Secure Your Wi-Fi Network:

A secure Wi-Fi network is vital for protecting sensitive business data. Change the default router password and ensure that you use strong encryption, such as WPA2 or WPA3. Additionally, create a separate guest network for visitors and ensure that it is isolated from your internal network.

So that is how you can do cyber security for small business

Protecting your small business from cyber threats should be a top priority. By following these simple cyber security tips, you can significantly enhance your defences and minimise the risk of breaches and data loss. Remember, a proactive approach to cyber security for small business is the key to keeping your business safe in the digital world. Stay vigilant and regularly review your security measures to adapt to evolving threats.

L2 Cyber Security can help you with all of the above if you want

We are a completely independent cyber security consultancy. We have no solutions or products to sell and are a small business too, so we do offer various services which are suited to this sector.

If you want to carry out your own cyber risk assessment, we suggest that you use the ENISA (the EU Agency for Cybersecurity) on-line assessment tool.

Let’s be careful out there.

#SecuritySimplified

The post Cyber Security for Small Business appeared first on L2 Cyber Security Solutions Ltd..

Legal Basis for Processing

Liam — Fri, 14 Apr 2023 14:44:07 +0000

The General Data Protection Regulation (GDPR) outlines the conditions under which there is a legal basis for processing personal data.

Download Detailed Guidance Here

The Six Lawful Bases for Processing:

To collect or use personal data legally, you cannot just "want" to do it. You must rely on one of six specific legal justifications (Article 6). If you cannot fit your processing into one of these boxes, you cannot collect the data.

You must identify and document one of these bases before you start processing data.

Consent: The individual has given you clear, specific permission to process their data for a specific purpose.
Contract: You need to process the data to fulfil a contract with the individual (e.g., you need their address to deliver goods they bought).
Legal Obligation: You are required by law to process the data (e.g., keeping salary records for tax purposes).
Vital Interests: It is a life-or-death situation (e.g., giving emergency medical data to a hospital to save someone's life).
Legitimate Interests: You have a genuine business reason (like fraud prevention or network security), and this reason is not overridden by the individual's rights or freedoms.
Public Interest: You are performing a task in the public interest or acting under official authority (usually applies to government bodies, not private companies).

1. Strict Rules for "Consent"

If you choose "Consent" as your legal basis, the bar is set very high. You must be able to prove you obtained it validly.

Freely Given: The user must have a real choice. You cannot force them to consent or punish them if they say no.
Informed: They must know exactly who you are and what you are doing with their data.
Specific: You cannot ask for "blanket consent." You must ask for permission for each specific purpose.
Clear Affirmative Action: The user must do something to consent (like ticking a box). You must also keep a record of this consent being given. Pre-ticked boxes are banned.
Easy Withdrawal: You must tell them they can withdraw consent at any time, and if they do, you must stop processing immediately.

2. Contractual Necessity

When to use it: Use this when you have a contract with an individual (or are about to enter one) and you literally cannot do your job without their data.

The Rule: The processing must be necessary for the performance of a contract to which the individual is a party.

Practical Example: If you sell a product online, you need the customer's address to deliver it. You don't need their consent for the address. You need it to fulfil the contract of sale.

Constraint: You cannot use this for things that are "nice to have" but not essential to the contract (e.g., using that same address for marketing newsletters usually requires a different basis, like Consent).

3. Legal Obligation

When to use it: Use this when you have no choice because the law says you must process the data.

The Rule: The processing is necessary for compliance with a legal obligation.

Practical Example: You are required by tax laws to keep records of employee salaries for a certain number of years. Even if an employee asks you to delete their data, you can refuse because you have a legal obligation to keep it.

Constraint: This must be a statutory obligation (EU or National law), not just a contractual obligation to a third party or your own company policy.

4. Vital Interests

When to use it: This is the "Emergency Only" basis. It applies to life-or-death situations.

The Rule: The processing is necessary to protect the vital interests of the data subject or another person.

Practical Example: If a visitor to your office collapses and is unconscious, you might disclose their medical allergies (if known) to the paramedics. You don't need to wake them up to get consent because their life (vital interest) is at risk.

Constraint: You generally cannot use this for large-scale data processing or health data unless it is truly a medical emergency.

5. Legitimate Interests

When to use it: This is the most flexible basis, often used for business activities like fraud prevention, network security, or direct marketing. However, it requires a careful "Balancing Test".

The Rule: Processing is necessary for your legitimate interests (or those of a third party), UNLESS those interests are overridden by the individual's fundamental rights and freedoms.

The "Balancing Test": You must weigh your benefit against the user's privacy:

Your side: "We need to process IP addresses to stop hackers attacking our website." (This is a strong legitimate interest).

Their side: "Does this hurt the user's privacy?" (Likely minimal impact).

Result: You can probably proceed.

Constraint: If the processing would be unexpected, cause harm, or if the individual is a child, their rights likely override your interests. You must document this assessment.

6. Public Interest / Official Authority

When to use it: This is primarily for public authorities (like schools, hospitals, police, or councils) performing their official duties.

The Rule: The processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in you.

Practical Example: A local council collecting data to organise bin collection or a tax authority collecting income data.

Constraint: Private companies rarely use this unless they are contracted to carry out specific public tasks (e.g., a private utility company maintaining the water supply).

Download Detailed Guidance Here

The post Legal Basis for Processing appeared first on L2 Cyber Security Solutions Ltd..

Principles of the GDPR

Liam — Fri, 14 Apr 2023 14:37:37 +0000

The General Data Protection Regulation (GDPR) sets out the principles of the GDPR that organisations must follow when processing personal data.

Download Detailed Guidance Here

Principles of the GDPR

Here is a simplified guide to the 7 Core Principles of the GDPR (Article 5).

Think of these not just as codes, but as the "Golden Rules" for how you handle data. If you violate these principles, you are violating the GDPR, even if your security is technically perfect.

Lawfulness, Fairness, and Transparency

Your Obligation: You must be honest and open about what you are doing.

Lawful: You cannot process data just because you want to. You need a valid legal reason (like Consent or a Contract).

Fair: You shouldn't do things with data that people wouldn't expect or that could mislead them. You must give them control over their information.

Transparent: You can't hide in the shadows. You must provide clear, accessible information (usually a Privacy Notice) explaining exactly how you process their data.

Purpose Limitation

Your Obligation: Be specific about why you need the data and stick to that reason.

The Rule: You must collect data for "specified, explicit, and legitimate purposes".

No "Scope Creep": You cannot collect data for one reason (e.g., "to deliver a pizza") and then use it for a completely different reason later (e.g., "to sell their address to a gym"), unless you get fresh consent or have another clear legal reason.

Communication: You must tell the individual this purpose at the start.

Data Minimisation

Your Obligation: Collect only what you strictly need.

The Rule: Data must be adequate, relevant, and limited to what is necessary for your specific purpose.

Practical Step: If you don't need someone's date of birth to sell them a book, don't ask for it. Avoid hoarding "just in case" data.

Accuracy

Your Obligation: Keep the data correct and up to date.

The Rule: You must take reasonable steps to ensure data is not incorrect or misleading.

Correction: If you find out data is wrong, you must fix it or erase it without delay. You should also give individuals an easy way to update their own records.

Storage Limitation

Your Obligation: Don't keep data forever.

The Rule: You must not keep personal data for longer than you actually need it for your stated purpose.

Guidance: There may be a statutory requirement for a retention period (e.g. Revenue), or a supervisory body providing guidance. If neither exist, then set your own retention period and document the justification for it.

Retention Policy: You need a clear policy that says when you will delete data. When that time comes, you must securely erase or anonymise it.

Integrity and Confidentiality (Security)

Your Obligation: Keep the data safe.

The Rule: You must protect data against unauthorised access, accidental loss, destruction, or damage.

Measures: This isn't just about firewalls. It includes organisational measures like taking data backups, restricting access so only the staff who need to see the data can see it, amongst other things.

Accountability

Your Obligation: Prove it.

The Rule: It is not enough to just comply with these principles. You must be able to demonstrate that you comply.

Documentation: This requires you to have written policies, records of your processing activities, and internal procedures in place to show regulators that you take these rules seriously.

Download Detailed Guidance Here

The post Principles of the GDPR appeared first on L2 Cyber Security Solutions Ltd..

Rights of an Individual

Liam — Fri, 14 Apr 2023 13:46:30 +0000

The General Data Protection Regulation (GDPR) provides strong rights of an individual, whose personal data is being processed by organisations.

Download Detailed Guidance Here

The Rights of an Individual

The right to be informed

Article 13 and Article 14.

Your Obligation: You must be completely transparent about how you use personal data. You cannot collect data in secret; you must provide "fair processing information," typically through a Privacy Notice.

What to include: You must detail your identity and contact info (and that of your DPO), why you are processing the data and the legal basis for doing so, how long you will keep it, and who else will receive it. You must also list the users' rights, including their right to withdraw consent or lodge a complaint.

Format: The information must be concise, transparent, intelligible, easily accessible, and free of charge. It must be written in clear, plain language—especially if addressed to a child.

Timing:

Direct Collection: If you got the data straight from the individual, give them this info at the time you collect it.
Indirect Collection: If you got the data from elsewhere, you must inform the individual within a reasonable period (maximum one month), or at the point you first communicate with them or share the data with someone else.

The table below summarises the information you should supply to individuals where the personal data has been obtained either directly from the data subject or by another means.

Identity and contact details of the controller (and where applicable, the controller’s representative) and the data protection officer.	The existence of automated decision making, including profiling and information about how decisions are made, the significance and the consequences.
Any recipient or categories of recipients of the personal data.	Purpose of the processing and the legal basis for the processing.
The right to lodge a complaint with a supervisory authority.	The existence of each of data subject’s rights.
Retention period or criteria used to determine the retention period.	Details of transfers to a different country and what safeguards apply.
The right to withdraw consent at any time, where relevant.	The legitimate interests of the controller or third party, where applicable.

If the personal data was obtained directly from the data subject, then you should provide them with the above information at the time you get the personal data.

The next table summarises the information you should supply to individuals where the personal data has not been obtained directly from the data subject.

The source the personal data originates from and whether it came from publicly accessible sources.

Categories of personal data.

The right of access (Subject Access Requests)

Article 15.

Your Obligation: You must allow individuals to verify that their data is being processed lawfully. If asked, you must confirm you are processing their data and provide a copy of it.

Deadlines: You must respond without delay, and at the latest within one month.

Extension: You can extend this by two months if the request is complex or numerous, but you must notify the individual within the first month and explain why.

Fees: You generally cannot charge a fee.

Exception: You may charge a "reasonable fee" based on administrative costs only if the request is "manifestly unfounded or excessive" (e.g., repetitive) or for additional copies.

Verification: You must verify the identity of the requester using reasonable means before handing over data.

Suggested ways:

- Ask the individual to confirm details only they would know based on the data you already hold. Ask 2-3 specific questions:
  - "Please confirm the amount of your last transaction with us."
  - "What is the reference number on your most recent bill?"
  - "Please confirm the phone number we have on file for you."
- Require the user to log in to their secure account area to submit the request.
- If you must ask for photo ID, ask them to redact unnecessary information – e.g. “Please send a photo of your driving licence, but please black out your licence number and date of birth. We only need to see your name and photo”

Format: If the request is made electronically, you should provide the data in a commonly used electronic format.

The right to rectification

Article 16.

Your Obligation: You must correct inaccurate or incomplete personal data upon request.

Third Parties: If you have shared this data with other organisations, you must inform them of the correction if possible.

Deadlines: You have one month to comply. This can be extended by two months for complex requests, provided you notify the individual.

Refusal: If you decide not to take action, you must explain why and inform the individual of their right to complain to a supervisory authority.

The right to erasure ("Right to be Forgotten")

Article 17.

Your Obligation: You must delete personal data when there is no compelling reason to keep it. BUT this is not an absolute right. You are quite likely to refuse this one, as its scope is quite narrow.

When to delete: You must act if:

consent is withdrawn
the data is no longer needed for its original purpose
it was processed unlawfully
if there is a legal obligation to delete it

Special attention is required for data collected from children online.

Public Data: If you have made the data public (e.g., on a website), you must take reasonable steps to inform other controllers processing that data to erase links to or copies of it.

Exceptions: You can refuse deletion if the processing is necessary for freedom of expression, public health, contractual, legal obligations, or the defence of legal claims.

The right to restrict processing

Article 18.

Your Obligation: In specific circumstances, you must stop using the data but keep it stored. You can retain just enough info to ensure the restriction is respected in the future.

When to restrict: You must apply this if an individual contests the accuracy of data (while you verify it), if they object to processing (while you verify your legitimate grounds), or if the processing is unlawful but the individual prefers restriction over deletion.

Notification: You must inform any third parties you shared the data with about the restriction. You must also tell the individual before you lift the restriction.

The right to data portability

Article 20.

Your Obligation: You must allow individuals to obtain and reuse their data across different services by providing it in a format that allows easy transfer.

Format: Provide the data in a structured, commonly used, and machine-readable form (e.g., CSV files) so software can extract the data.

Scope: This applies only to data the individual provided to you, processed by automated means, based on consent or a contract.

Direct Transfer: If the individual asks and it is technically feasible, you should transfer the data directly to another organisation.

The right to object

Article 21.

Your Obligation: You must respect an individual's right to say "no" to processing in certain cases.

Direct Marketing: If an individual objects to direct marketing, you must stop immediately. There are no exemptions or grounds to refuse.

Legitimate Interests/Public Task: If they object to processing based on these grounds, you must stop unless you can demonstrate "compelling legitimate grounds" that override their rights, or if it is for legal claims.

Communication: You must explicitly bring this right to their attention at the point of first communication and in your privacy notice, keeping it separate from other information.

Rights in relation to automated decision making and profiling

Article 22.

Your Obligation: You must provide safeguards against potentially damaging decisions made solely by computers without human intervention.

The Right: Individuals can refuse to be subject to automated decisions that have legal or significant effects on them.

Safeguards: If you use automated decision-making, you must allow the individual to obtain human intervention, express their point of view, and obtain an explanation of the decision so they can challenge it.

Profiling: If you use profiling (analysing personal aspects like performance, health, or location), you must be transparent about the logic involved and the significance of the consequences. You must use appropriate mathematical procedures and secure the data to prevent errors or discrimination.

Download Detailed Guidance Here

The post Rights of an Individual appeared first on L2 Cyber Security Solutions Ltd..

Cyber Security Scams in the COVID19 era – webinar

Liam — Mon, 06 Apr 2020 13:38:29 +0000

The world has been put into a state of turmoil as a result of the Coronavirus COVID19 Pandemic. This hasn’t stopped the criminals from trying to exploit the situation. In this webinar on 6th April 2020 Liam Lynch, founder of L2 Cyber Security Solutions covered off:

Crisis scams: what to look for and how to protect against them
Remote working: what cyber risks do new home workers face
The Work From Home environment: securing your far flung assets

The slides for the webinar are available here.

Here is the presentation section of the webinar.

https://www.l2cybersecurity.com/wp-content/uploads/2020/04/COVID19-Webinar_first-part.mp4

www.twitter.com/L2Cyber

The post Cyber Security Scams in the COVID19 era – webinar appeared first on L2 Cyber Security Solutions Ltd..

Practical GDPR for Small Business Training

Liam — Mon, 30 Mar 2020 22:56:45 +0000

Practical GDPR for Small Business/Charity Training

Download these details

Make an enquiry

L2 Cyber Security Solutions is delighted to be able to offer the following Practical Data Protection Training, in an online and in-person format.

Title: Practical GDPR for Small Business/Charity Training.

Learning objective:

The purpose of this programme is to equip the learner with the practical knowledge to implement policies and procedures in their organisation. They will also understand the requirements for record keeping.

Content of the Practical GDPR for Small Business/Charity Training:

There are three separate modules in this training:

1. Module 1 – The basic requirements

Quick question – do you need a Data Protection Officer (DPO)?
Interpreting the GDPR’s principles
Creating a simple Data Inventory
Establishing a Data Protection Policy

2. Module 2 – The crucial documentation

What needs to be included in a right-to-be-informed page
Producing procedures to handle an individual’s rights
Knowing the kind of records you need to keep

3. Module 3 – The stuff most people forget about

Understanding Data Processing Agreements
When it hits the fan – using a Data Breach handling procedure
Securing the business with an Information Security Policy

Duration:

Each Module is 60 minutes, including ample time for Questions and Answers

Audience:

Small Business Owners or Data Protection Administrators in small businesses and charities who need to put in place policies, procedures and records keeping for the GDPR in their organisation.

Delivery Format:

Online – Presentation, using Google Meet (or your own online platform of choice).
In-person – Interactive workshop over the selected duration.

Also Included:

A link to a softcopy of any slides will be provided during the session.
Link to additional free resources would be included too.
Certificates of attendance if required.

Pricing:

Please see our website for our current prices:

https://www.l2cybersecurity.com/prices/

Contact us:

info@L2CyberSecurity.com

Follow us on Social media:

Liam is available on LinkedIn, Mastodon and YouTube.

Follow L2 Cyber on LinkedIn.

The post Practical GDPR for Small Business Training appeared first on L2 Cyber Security Solutions Ltd..

A la carte Data Protection Training

Liam — Mon, 30 Mar 2020 22:54:36 +0000

À la carte Data Protection Training

Download these details

Make an enquiry

L2 Cyber Security Solutions is delighted to be able to offer the following À la carte Data Protection Training, in an online and in-person format.

Title: À la carte Data Protection Training.

Learning objective:

The purpose of this programme is to equip the learner with the knowledge and skill to identify their organisation’s obligations to protect the personal data of the individuals that they work for and with.

Our range of topics to choose from include:

The basics:

What is Personal Data and what do we mean by processing
Comprehending the terminology of the GDPR
Do you need a Data Protection Officer (DPO)?

The important items:

Interpreting the GDPR’s principles
Knowing the rights of the individual
Understanding the appropriate legal basis for processing (incl. consent)
Data Protection by design
How to identify and handle International Transfers
Establish what other documentation is required

Documentation and Procedures:

Handling Sensitive Personal Data appropriately
Creating a simple Data Inventory
Establishing a Data Protection Policy
What needs to be included in a right-to-be-informed document
Producing procedures to handle an individual’s rights
Knowing the kind of records you need to keep
Understanding Data Processing Agreements
When it hits the fan – using a Data Breach handling procedure
Securing the business with an Information Security Policy
When and How to conduct a Data Protection Impact Assessment
What is a Legitimate Interest Assessment and how should you carry it out
What if it all goes wrong – what can the Data Protection Commission do

Duration:

Each topic is approximately 20 minutes each, including time for Questions and Answers.

Audience:

Staff, contractors or volunteers who have no or limited knowledge of data protection and specifically the GDPR legislation. Also organisations who need to put in place policies, procedures and records keeping for the GDPR in their business.

Delivery Format:

Online – Presentation, using Google Meet (or your own online platform of choice).
In-person – Interactive workshop over the selected duration.

Also Included:

A link to a softcopy of any slides will be provided during the session.
Link to additional free resources would be included too.
Certificates of attendance if required.

Pricing:

Please see our website for our current prices:

https://www.l2cybersecurity.com/prices/

Contact us:

info@L2CyberSecurity.com

Follow us on Social media:

Liam is available on LinkedIn, Mastodon and YouTube.

Follow L2 Cyber on LinkedIn.

The post A la carte Data Protection Training appeared first on L2 Cyber Security Solutions Ltd..

Staff Data Protection Awareness Training

Liam — Mon, 30 Mar 2020 22:52:57 +0000

Staff Data Protection Awareness Training

Download these details

Make an enquiry

L2 Cyber Security Solutions is delighted to be able to offer the following Staff Data Protection Training, in an online and in-person format.

Title: Data Protection Awareness Training for staff.

Learning objective:

Content of the Staff Data Protection Awareness Training:

There are three separate modules in this training.

1. Module 1 – The basics

What is Personal Data and what do we mean by processing
Comprehending the terminology of the GDPR
Interpreting the GDPR’s principles

2. Module 2 – The important stuff

Knowing the rights of the individual
Understanding the appropriate legal basis for processing (incl. consent)
Data Protection by design

3. Module 3 – What do you need to put in place

Creating a simple Data Inventory
Establish what other documentation is required
What if it all goes wrong – what can the Data Protection Commission do

Duration:

Each module is 60 minutes, including ample time for Questions and Answers.

Audience:

Staff, contractors or volunteers who have no or limited knowledge of data protection and specifically the GDPR legislation.

Delivery Format:

Online – Presentation, using Google Meet (or your own online platform of choice).
In-person – Interactive workshop over the selected duration.

Also Included:

A link to a softcopy of any slides will be provided during the session.
Link to additional free resources would be included too.
Certificates of attendance if required.

Pricing:

Please see our website for our current prices:

https://www.l2cybersecurity.com/prices/

Contact us:

info@L2CyberSecurity.com

Follow us on Social media:

Liam is available on LinkedIn, Mastodon and YouTube.

Follow L2 Cyber on LinkedIn.

The post Staff Data Protection Awareness Training appeared first on L2 Cyber Security Solutions Ltd..

Board Management Data Protection Briefing

Liam — Mon, 30 Mar 2020 22:50:22 +0000

Board/Management Data Protection Briefing

Download these details

Make an enquiry

L2 Cyber Security Solutions is delighted to be able to offer the following Board/Management Briefing, in an online and in-person format.

Title: Data Protection Briefing for Boards or Management.

Learning objective:

The purpose of this programme is to equip the members of the board/management with the knowledge of their obligations for data protection, under the GDPR and have a strategy for addressing these in their organisation.

Content of the Board/Management Briefing:

Overview of case studies since GDPR came into force in Ireland
Quick question – do you need a Data Protection Officer (DPO)?
An introduction of the organisation’s obligations
Outline an implementation strategy for the organisation

Duration:

The briefing will take 45 minutes. There will be plenty of time for Questions and Answers.

Audience:

Board members or Senior Management of organisations that want to start the journey of implementing a data protection compliance regime.

Delivery Format:

Online – Presentation, using Google Meet (or your own online platform of choice).
In-person – Interactive workshop over the selected duration.

Also Included:

A link to a softcopy of any slides will be provided during the session.
Link to additional free resources would be included too.
Certificates of attendance if required.

Pricing:

Please see our website for our current prices:

https://www.l2cybersecurity.com/prices/

Contact us:

info@L2CyberSecurity.com

Follow us on Social media:

Liam is available on LinkedIn, Mastodon and YouTube.

Follow L2 Cyber on LinkedIn.

The post Board Management Data Protection Briefing appeared first on L2 Cyber Security Solutions Ltd..