Page 1

What are you doing about Cyber Security The impact of cybercrime is not only financial; it can cause brand damage; loss of key customers; loss of competitive advantage and market share; black listing by payment service providers; reduction in shareholder value; and expensive lawsuits and large fines from regulatory bodies for non-compliance. Many companies are still only just waking up to the real impact of cybercrime on their business, and IT consultancies have recently witnessed a surge in demand for its PCI/DSS compliance, cyber security review and incident response and management services. Today, many security incidents are as likely to originate from within a company as they are externally. Office and white-collar cybercrime is replacing blue-collar and shop floor misdemeanours, but the losses can be in the millions of pounds rather than the hundreds and thousands. Fighting external hackers is a constant war, but it is relatively straightforward to protect your information management systems and vital data from external cyber-attacks. But, it is often harder to safeguard them from people within your firewalls, who already have authorised (or even unknown) access to your data. More worryingly, many such incidents go unnoticed by management or IT until an incident is unearthed for some other reason. Before we become paranoid about the intent of our staff or external managed service providers, we should state that many internal security breaches happen inadvertently, because of poor internal security governance, systems and processes. No matter what the reason though, do you know who is accessing your IP, confidential communications and valuable client information, and for what reason? Supporting the Department of Business, Innovation and Skills (BIS) initiative, we recommend that all companies undertake, as a minimum, a review of their information security management systems against the requirements of ISO27001 to identify any shortcomings in their IT security arrangements. A competent cyber security specialist will review your security infrastructure and current level of protection against all potential threats to your data. As a minimum it should cover user access, systems and BYOD security policies and procedures, organisational structure and people, responsibilities and authorities, business processes and IT technologies, and internal and external supply chain interfaces. Once complete, you will then have a complete picture of what needs to be done to plug the gaps in your security policy and take the necessary remedial action to protect your business from fraud, loss of IP and fines for non-compliance. For more information or advice on cyber security and how you can protect your data, call us on 01789 261200, email info@cclgroupltd.com or visit http://www.cclgroupltd.com/consultancy/ccl-cyber-security-review. Maria is an specialist IT Consultant at CCL Group - the UK’s leading supplier of digital forensics and IT consultancy, including: cyber security, department transformation, computer forensics, mobile phone forensics and digital investigation services.

What are you doing about cyber security  

Serious risk to businesses can arise from commercial threats cause by an IT security breach and comprehensive information security review is...

Read more
Read more
Similar to
Popular now
Just for you