Cyberspace has revolutionised how many of us live and work. The internet, with its more than 3 billion users, is powering economic growth, increasing collaboration and innovation, and creating jobs.
Protecting key information assets is of critical importance to the sustainability and competitiveness of businesses today. Companies need to be on the front foot in terms of their cyber preparedness. Cyber security is all too often thought of as an IT issue, rather than the strategic risk management issue it actually is.
Companies benefit from managing risks across their organisations - drawing effectively on senior management support, risk management policies and processes, a risk-aware culture and the assessment of risks against objectives. There are many benefits to adopting a risk management approach to cyber security, including:
Corporate decision making is improved through the high visibility of risk exposure, both for individual activities and major projects, across the whole of the organisation.
Providing financial benefit to the organisation through the reduction of losses and improved “value for money” potential.
Organisations are prepared for most eventualities, being assured of adequate contingency plans.
Article 25 of the General Data Protection Regulation (GDPR) stipulates that “the data controller shall, both at the time of the determination of the means for processing and at the time of the processing itself, implement appropriate technical and organisational measures, which are designed to implement data-protection principles, such as data minimisation, in an effective manner and to integrate the necessary safeguards into the processing in order to meet the requirements of this Regulation and protect the rights of data subjects.”
In essence, this invokes the need for a comprehensive risk management approach to securing personal data, in order to determine the necessary safeguards required to adequately protect critical personal data. To expedite achieving compliance Octree has developed its own Information Security Audit Framework, Securapro, to allow organisations to carry out a high-level gap analysis of their security profile, identifying areas that need addressing. Based on a number of standards and certifications, including ISO27001, CyberEssentials and the Government’s 10 Steps to Cyber Security, it is a comprehensive yet easily understandable plain English programme designed to significantly reduce, or even remove, the confusion surrounding data protection and compliance.
CYBER SECURITY FOCUSES ON THE FOLLOWING 16 AREAS:
- Governance and Risk Management
- Security Awareness Training
- Data Protection / GDPR - policy
- Secure Configuration of endpoint devices
- BYOD – Bring your own Device management
- User Access Control and Password Policy, Control of Administrative User Accounts
- Business Continuity and Disaster Recovery
- Vulnerability Management
- Email Security for communicating sensitive data
- Controlling Email and Internet Usage for productivity, avoiding abuse and mitigating threats
- Physical Security of the environment
- Data disposal and Destruction
- Employee and 3rd Party Remote Access
- Staff Recruitment
- Cloud Computing Services
- Wireless Networking
To find out more about how we can resolve your IT issues please email or call us:Send us an email Call us +44 (0)1462 416400