InfoSec Insider

By URM Consulting

The InfoSec Insider podcast brings you weekly interviews with practicing senior consultants, who draw upon their extensive experience to provide detailed and practical guidance on all things informati... more

Download on the App Store

Download on the App Store

Get it on Google Play

FAQs about InfoSec Insider:

How many episodes does InfoSec Insider have?

The podcast currently has 51 episodes available.

InfoSec Insider episodes:

September 04, 2025Getting Ready for STAIRs
In this episode of InfoSec Insider, Martin Brazier, Senior Consultant at URM, breaks down the Social Tenants Access to Information Requirements (STAIRs), a forthcoming information access standard that will give greater rights to tenants of private registered providers (PRPs). Martin leverages over 20 years of information management and data protection experience to discuss:
What the STAIRs are and how they came about
What PRPs will need to do to comply with the STAIRs
The steps organisations can take now to prepare for STAIRs compliance.
 If you enjoyed this episode of InfoSec Insider, you can leave us a rating and review here: https://www.urmconsulting.com/blog/getting-ready-for-the-social-tenant-access-to-information-requirements-stairs
You can find more episodes of InfoSec Insider here: https://urmconsulting.com/podcasts   
 Brought to you by URM, the UK’s leading information and cyber security specialists.
...more
17min
August 07, 2025ISO 27001 Annex A Business Continuity Controls
In this episode of InfoSec Insider, Mark O’Kane, Consultant at URM, provides key advice and guidance on the two business continuity-related controls in Annex A of ISO 27001. Mark draws upon his extensive experience helping organisations implement and certify against the Standard to discuss:
The requirements of the business continuity controls and how they help organisations security their assets during a disruption
How organisations can meet the requirements of and ensure conformance to Controls A.5.29 and A.5.30
The common mistakes organisations make when implementing and maintaining these controls, and how these mistakes can be avoided.
Learn more about this topic: https://www.urmconsulting.com/blog/iso-27001-2022-a-5-organisational-controls-business-continuity
If you enjoyed this episode of InfoSec Insider, you can leave us a rating and review here: https://ratethispodcast.com/infosecinsider  
You can find more episodes of InfoSec Insider here: https://urmconsulting.com/podcasts  
Brought to you by URM, the UK’s leading information and cyber security specialists.
...more
13min
July 31, 2025Supplementing Cyber Essentials
In this episode of InfoSec Insider – Talk Cyber, George Ryan, Consultant at URM, provides his insights on the best next steps organisations can take following Cyber Essentials certification to further enhance their security. George leverages his extensive experience assisting organisations to strengthen their cyber security measures to discuss: 
What is covered by the Cyber Essentials scheme
The more advanced cyber and information security frameworks organisations can implement having achieved Cyber Essentials
How organisations can enhance their cyber and information security without implementing additional frameworks.
Learn more about this topic: https://www.urmconsulting.com/blog/supplementing-cyber-essentials
If you enjoyed this episode of InfoSec Insider – Talk Cyber, you can leave us a rating and review here: https://ratethispodcast.com/infosecinsider  
You can find more episodes of InfoSec Insider here: https://urmconsulting.com/podcasts  
Brought to you by URM, the UK’s leading information and cyber security specialists.
...more
18min
July 24, 2025Incident Management Controls in ISO 27001
In this episode of InfoSec Insider, Mark O’Kane, Consultant at URM, offers his insights and advice on the six incident management-related controls in Annex A of ISO 27001, which are contained within the ‘Organisational’ and ‘People’ control themes. Mark leverages his extensive experience supporting organisations to implement ISO 27001 to discuss:
The requirements of the incident management controls and how they fit into the overall aim of the ‘Organisational’ and ‘People’ control themes
How the incident management controls help organisations address information security incidents
How organisations can effectively put these controls into practice.
Learn more about this topic: https://www.urmconsulting.com/blog/iso-27001-2022-a-5-organisational-controls-incident-management
If you enjoyed this episode of InfoSec Insider, you can leave us a rating and review here:  https://ratethispodcast.com/infosecinsider 
You can find more episodes of InfoSec Insider here:   https://urmconsulting.com/podcasts 
Connect with us on LinkedIn 
Brought to you by URM, the UK’s leading information and cyber security specialists.  
...more
13min
July 17, 2025The DUA Act
In this episode of InfoSec Insider – Talk DP, Stuart Skelly, Senior Data Protection Consultant at URM, provides his insights on the Data (Use and Access) Act, which received Royal Assent on 19 June. Stuart draws upon over 25 years of specialisation in data protection law to discuss:
The background, scope, and intention of the DUA Act
How the DUA Act is expected to impact the UK’s data protection regulatory landscape, and how it may lighten the compliance burden on organisations, particularly in relation to:
Automated decision-making
International transfers of personal data
Data subject access requests (DSARs)
The Privacy and Electronic Communications Regulations (PECR)
The ‘legitimate interests’ basis for processing
Which provisions in the Act may make data protection compliance more difficult
When these changes are likely to come into force.
Learn more about this topic: https://www.urmconsulting.com/blog/dua-act-finally-becomes-law
If you enjoyed this episode of InfoSec Insider – Talk DP, you can leave us a rating and review here: https://ratethispodcast.com/infosecinsider   
You can find more episodes of InfoSec Insider here: https://urmconsulting.com/podcasts   
Brought to you by URM, the UK’s leading information and cyber security specialists. 
...more
33min
July 10, 2025Legal, Regulatory and Contractual Controls in ISO 27001
In this episode of InfoSec Insider, Mark O’Kane, Consultant at URM, offers his insights into the legal, regulatory and contractual-related controls (A.5.31-37) from Annex A of ISO 27001:2022 and how they can be effectively implemented by organisations. Mark draws upon his extensive experience assisting organisations to certify against the Standard to discuss:
The requirements of the legal, regulatory and contractual controls and how they fit into the overall aim of the ‘Organisational’ control theme
How the legal controls help to prevent breaches of legal, statutory, regulatory or contractual obligations related to information security
How to put controls A.5.31-37 into practice.
Learn more about this topic: https://www.urmconsulting.com/blog/iso-27001-2022-a-5-organisational-controls-legal-regulatory-and-contractual

If you enjoyed this episode of InfoSec Insider, you can leave us a rating and review here: https://ratethispodcast.com/infosecinsider  

You can find more episodes of InfoSec Insider here: https://urmconsulting.com/podcasts  

Brought to you by URM, the UK’s leading information and cyber security specialists.
...more
14min
July 03, 2025Lexcel, SQM and Cyber Essentials
In this episode of InfoSec Insider – Talk Cyber, George Ryan, Consultant at URM, explores the Lexcel Practice Management Standard (Lexcel), the Specialist Quality Mark (SQM) and their relationship with the Cyber Essentials scheme. George leverages his extensive experience assisting organisations to enhance their cyber security to discuss:
What Lexcel and the SQM are, and why they are needed
How these standards relate to cyber security
How Cyber Essentials ties these standards, and how certification to the scheme can benefit law firms’ Lexcel/SQM compliance efforts
How law firms can strengthen their security further having achieved Cyber Essentials.
Learn more about this topic: https://www.urmconsulting.com/blog/understanding-lexcel-and-the-specialist-quality-mark-sqm-how-cyber-essentials-can-benefit-your-practice

If you enjoyed this episode of InfoSec Insider – Talk Cyber, you can leave us a rating and review here: https://ratethispodcast.com/infosecinsider  

You can find more episodes of InfoSec Insider here: https://urmconsulting.com/podcasts  

Brought to you by URM, the UK’s leading information and cyber security specialists.
...more
10min
June 26, 2025ISO 27001 Information Security Management Controls
In this episode of InfoSec Insider, Mark O’Kane, Consultant at URM, offers his insights into the information security management controls within Annex A of ISO 27001, which comprise the first eight controls of Annex A’s ‘Organisational’ control theme. Mark leverages his extensive experience supporting ISO 27001 implementations to discuss:
What the organisational controls are, and how the first eight fit into the overall aim of the ‘Organisational’ control theme
The role of management and senior leadership in relation to information security, and how leadership is linked to the creation of information security policies
The importance of segregation of duties and clearly defined roles and responsibilities in addressing information security risk
How maintaining contact with authorities, special interest groups, and threat intelligence sources can help you address both security risks that may materialise and security incidents that have occurred
Common challenges and mistakes associated with implementing these controls, and how they can be overcome.
Learn more about this topic: https://www.urmconsulting.com/blog/iso-27001-2022-a-5-organisational-controls-information-security-management
If you enjoyed this episode of InfoSec Insider, you can leave us a rating and review here:  https://ratethispodcast.com/infosecinsider 
You can find more episodes of InfoSec Insider here:  
https://urmconsulting.com/podcasts 

Brought to you by URM, the UK’s leading information and cyber security specialists.  
...more
17min
June 19, 2025ISO 27001 Access Management Controls
In this episode of InfoSec Insider, Wayne Armstrong, Senior Consultant at URM, provides his insights on the 4 controls that relate to access management in the ‘Organisational’ control theme of ISO 27001’s Annex A. Wayne leverages his 30+ of experience with information security to discuss:
The requirements of each of the following 4 controls and how your organisation can go about meeting them:
A.5.15 – Access control
A.5.16 – Identity management
A.5.17 – Authentication information
A.5.18 – Access rights.
Learn more about this topic: https://www.urmconsulting.com/blog/iso-27001-2022-a-5-organisational-controls-access-management
If you enjoyed this episode of InfoSec Insider, you can leave us a rating and review here: https://ratethispodcast.com/infosecinsider  
You can find more episodes of InfoSec Insider here: https://urmconsulting.com/podcasts 
Brought to you by URM, the UK’s leading information and cyber security specialists.
...more
25min
June 12, 2025ISO 27001 Supplier Management Controls
In this episode of InfoSec Insider, Wayne Armstrong, Senior Consultant at URM, breaks down the 5 supplier management-related controls in the ‘Organisational’ control theme of ISO 27001’s Annex A. Wayne draws upon 30+ of experience with information security to discuss:
Why your organisation should consider supplier management as part of information security
What each of the following 5 controls cover and how to implement them:
A5.19 – Information security in supplier relationships
A5.20 – Addressing information security within supplier relationships
A5.21 – Managing information security in the ICT supply chain
A5.22 – Monitoring, review and change management of supplier services
A5.23 – Information security for use of cloud services.
Learn more about this topic: https://www.urmconsulting.com/blog/iso-27001-2022-a-5-organisational-controls-supplier-management
If you enjoyed this episode of InfoSec Insider, you can leave us a rating and review here: https://ratethispodcast.com/infosecinsider  
You can find more episodes of InfoSec Insider here: https://urmconsulting.com/podcasts 

Brought to you by URM, the UK’s leading information and cyber security specialists.
...more
21min

FAQs about InfoSec Insider:

How many episodes does InfoSec Insider have?

The podcast currently has 51 episodes available.