KJRUK has put together the following useful links.
| Regulatory Organisations | Description |
 |
The Information Commissioner’s Office ICO has very good guidance on various aspects of the existing Data Protection Act as well as the GDPR. ico.org There is a lot of useful downloadable information on data protection. |
 |
The Payment Card Industry Data Security Standard is an information security standard for organizations that handle branded credit cards from the major card schemes. pcisecuritystandards.org If you take payments through your website, do you store the credit-card or debit-card number? If so and you are a small company, you may need to be registered with the Payment Card Industry and comply with their Data Security Standards (PCI/DSS). The PCI standards for any company that processes or stores credit and debit card data are very prescriptive and the penalties for not being compliant with their requirements are very harsh. Most companies that need to trade over the Internet, even some very large PLCs will make use of a payment provider to ensure that they do not store credit or debit cards on their systems. They will simply store a payment reference number that is of no use to a criminal. |
| Business Organisations | The following are organisations that can help small business |
 |
There are a number of Cyber Security Clusters around the UK and these are aimed at helping small businesses working in the Cyber Security sector. However, the various members of your local cluster may well provide a good source of help and advice on your IT Security issues. www.ukcybersecurityforum.com |
 |
British Computer Society – Is the Chartered Institute for IT. It has a number of local branches and specialist sections and is a good starting point for increasing your IT skills. The branch meetings and presentations are generally open to members and non-members alike, so it can be a good source of information and assistance. www.bcs.org.uk |
