Online Courses FAQs

Cyber Security Legislation FAQs

Are you aware of the legislation surrounding cyber security? Check out our FAQs below.

• How do I report cyber crime?

  In cases of suspected cyber-crime, you can report the incident or incidents to ActionFraud, the UK government’s cyber-crime reporting unit. To do so, visit their website at actionfraud.police.uk.

• What are ISO 27001 requirements?

  There are a range of ISO 27001 requirements – the two most important involved conducting a risk assessment and scoping the ISMS. You can find more information here.

• What are the 4 types of cyber attacks?

  There are a number of ways a cyber criminal can attack your devices and your files – some of these are as follows:

  • Phishing attacks – hackers attempt to trick a victim into following a link or downloading an infected file.
  • Ransomware – a malicious kind of software which denies access to files until a ransom is paid to the hacker.
  • DDoS attacks – a DDoS attack overwhelms a site with access requests, shutting the site down for a significant amount of time.
  • Computer viruses – a program or piece of code that changes the operating processes of a computer.

• What are the 5 internal controls?

  The five internal controls in the COSO framework are:

  1. Control Environment
  2. Risk Assessment
  3. Control Activities
  4. Information and communication
  5. Monitoring

  Learn more here.

• What are the biggest cyber threats?

  There is some debate on what cyber threats are the most dangerous to companies. However, there are four separate kinds which are regularly considered to be some of the most problematic. These include:

  • Phishing attacks – hackers attempt to trick a victim into following a link or downloading an infected file
  • Ransomware – a malicious kind of software which denies access to files until a ransom is paid to the hacker
  • DDoS attacks – a DDoS attack overwhelms a site with access requests, shutting the site down for a significant amount of time
  • Computer viruses – a program or piece of code that changes the operating processes of a computer

• What are the components of cyber law?

  With cyber law being something of a young side of international law, there are many components to the field. Many of these are detailed by the individual nations in which the cyber crime is committed.

• What are the disadvantages of cyber crime?

  Cyber crime can cause all manner of problems for most companies. Cyber criminals, having infiltrated a business’ infrastructure, can gain access to company data, client information and financial details.

  Cyber crime can also shut down a website, leading to periods of inactivity which can reduce incoming business.

• What are the NIS Regulations 2018?

  The Network and Information Systems Regulations (NIS Regulations) provide legal measures aimed at boosting the level of security of network and information systems for the provision of essential services and digital services.

• What is a cyber security attack?

  A cyber security attack is an attempt by a hacker to steal valuable and sensitive information, disrupt the operations of a website or illegally infiltrate a device which is connected to the internet.

• Why is ISO 27001 important?

  The ISO 27001 certificate is important for businesses because it demonstrates that the holder has taken the necessary steps to minimise exposure to cybercrime and to limit any potential damage. It also indicates to clients that the business’ data is contained on secure ICT systems.