Cyber Security Consultancy
And how good is your cyber security? At the very least you need to get the basics right.
Is your organisation really cyber secure?
If you are a business manager, owner or concerned stakeholder, you may wonder whether your organisation is indeed cyber secure. Sure, you spend money on cyber protection, but is it working? Is the money well spent? The consequences of a security incident can be huge if you get it wrong, and the risks are growing every day.
Chances are, if you are an SME or a medium-sized business, you won’t have access to professional cyber security expertise, so here are some questions to think about:
- Would you know if you’d been hacked or what to do if you had?
- Does anyone know what should be on your local network, never mind what is actually on the network?
- You may have security policies, but are they any good? Has anybody read them, never mind followed them? When was the last time anyone checked their effectiveness?
- You may be running quality anti-virus software, but other than reporting whether known viruses were present, could it report when misconfigurations are putting the organisation at risk?
- Is someone told when a rogue device connects to your network or when a malicious trojan payload has been activated during a phishing attack?
- Can you detect if someone has connected a compromised USB to the network?
- Do you even know what you are trying to protect? Is there an up-to-date register of key assets?
Are you meeting your cyber security obligations?
Does security really matter and who’s checking anyway?
Many organisations are required to implement and maintain certain security frameworks or standards to perform their day-to-day business. Here are some examples: retailers at the very least must follow the payment security controls framework (PCI-DSS). Government suppliers should follow Cyber Essentials Plus. Suppliers to the NHS must have an acceptable DSP Toolkit submission. Some suppliers are contracted to be ISO 27001 compliant. And the list goes on.
But what about your organisation? What is the very least you should be doing?
As an organisation, if you employ anyone, at the very least you’ll be processing personal data as part of your Human Resource record keeping (e.g. paying staff) and, as everyone knows, you have to protect it.
You’ve probably heard of GDPR, but you may not be aware of the organisation’s security obligations to comply and keep it up to date. Sure, you have cyber security defences, but are they sufficient? Could you satisfy an ICO investigation? Do you implement and maintain appropriate organisational and technical controls?
At the very least you should know what you need to protect, have considered the risks, implemented the controls to remove all high risks, educated your staff and check as you go that the risks are still acceptable. Our Cyber Security Aware assessment checks your security compliance to GDPR and reports on what is done well, where there are issues and what to do in order to make it better. Get in touch today.
+44 (0)203 397 0142
DLP Assured Services Limited
152 - 160 City Road