Category Archives: Information Risk and Human Resources

Seven steps to designing a resilient Cyber Security Programme

Cyber attack, data breach image in shape of an eye

 

 

 

 

 

 

 

 

The reality for most organisations is that, despite their best cyber defences, they are going to experience a cyber-attack at some point. A resilient cyber security programme is all about the ability to not only deter and resist attacks – but also to detect and recover from them, returning to normal operation with minimal downtime.

Government has urged all sectors of the UK business community to improve their resilience to cyber-attacks and has introduced several initiatives to support this – such as the Cyber Essentials Scheme (CES). Of necessity, these initiatives are supportive in nature – it is still down to individual organisations to put into place the necessary strategy and technology to improve their resilience to cyber-attack. Continue reading “Seven steps to designing a resilient Cyber Security Programme” »

avatar

Peter Curran

Principal IA Consultant at Ascentor

More Posts

Follow Me:
Twitter

Share

The one-stop guide to cyber security advice (Part 2)

 

 

 

 

 

 

 

 

Last month we published the first of a two-part series on the best cyber security guides and articles on the web. It covered advice on educating your employees about cyber security, guidance for the board and tips for small and micro businesses.

The article was written for anyone increasingly concerned about the threat to their data and looking for advice – you can re-visit part-one here.

This month, in part-two, we point our lens at ransomware, the insider threat, guidance for suppliers to HM Government and there’s even a plain English guide to all that cyber security jargon. Continue reading “The one-stop guide to cyber security advice (Part 2)” »

avatar

Ben Wheeler

Ascentor marketing and content editor.

More Posts

Share

The one-stop guide to cyber security advice (Part 1)

Best cyber guides reviewed

 

 

 

 

 

 

 

 

It’s always the big cyber security attacks that steal the headlines, but dig a little deeper and there are everyday stories of hacker inflicted misery – many of which could have been prevented.

So, if you are increasingly concerned about the threat to your own data and are looking for advice, this guide is for you.

It’s part one of a two-part series reviewing the ‘best of’ the many respected sources of cyber security advice available, with some of our most popular articles included. Continue reading “The one-stop guide to cyber security advice (Part 1)” »

avatar

Ben Wheeler

Ascentor marketing and content editor.

More Posts

Share

2015 – The year of constant and relentless attack

iStock_000076495249_Small

 

 

 

 

 

 

 

What a turbulent year 2015 has been for cyber security – starting with the fallout from the Sony data hack and ending with the recent breach at TalkTalk. With the coverage that each breach has received, you might be mistaken in thinking that the big name PLCs were the preferred target of the cyber criminal. Far from it.

In November, Ascentor attended IA15 where we were told of the “constant and relentless attacks” on the Government’s secure internet that receives over 33,000 malicious emails each month. “This is what we don’t hear about”, said minister Matthew Hancock, but it just confirms that if you are online – whether a business or government body – you are a target.

We hope the following highlights from our 2015 blog content will help you reflect on the past year – and secure your information and strengthen your business next year, and beyond. Continue reading “2015 – The year of constant and relentless attack” »

avatar

Ben Wheeler

Ascentor marketing and content editor.

More Posts

Share

The Human Face of Information Risk Re-visited

Screen Shot 2015-11-04 at 12.45.52

Back in July 2012, Ascentor published our own research into employee behaviour and how it relates to Information Risk. We called it ‘The Human Face of Information Risk’.

One of the most alarming findings was that over half the respondents (57%) said that there were circumstances in which they would deliberately sabotage or compromise their employer.

With the additional potential for unintentional data loss through employee negligence and error – the impact of what has become known as ‘the Insider Threat’ poses a huge issue for information risk.

Were we right to focus on the insider threat in 2012?

Fast forward to 2015 and there has barely been a week without a data breach involving some aspect of human involvement. For all the security measures that might be in place, the incidents of real people causing costly and embarrassing data compromises are still all too common. Continue reading “The Human Face of Information Risk Re-visited” »

avatar

Ben Wheeler

Ascentor marketing and content editor.

More Posts

Share

The cyber skills shortage gap – taming the perfect storm

Cyber skills shortage imageThere is no shortage of commentary about the widening skills gap in the cyber security sector – and the numbers make for uncomfortable reading. With each widely publicised breach, the demand for qualified cyber security professionals only increases.

The burning issue for Chief Information Security Officers (CISOs) and IT security teams must be getting the skills now. But if they can’t – how much worse will it be next year, or five years from now? Continue reading “The cyber skills shortage gap – taming the perfect storm” »

avatar

Ben Wheeler

Ascentor marketing and content editor.

More Posts

Share

10 Top Tips for Writing Information Risk Appetite Statements

Cyber risk imageYou’ve probably heard risk managers and accreditors bang on about having risk appetite statements but have you ever actually seen one? If you have, the chances are it was fairly bland and practically worthless. So, if you’re ever required to produce one, where on earth do you begin? Continue reading “10 Top Tips for Writing Information Risk Appetite Statements” »

avatar

Paddy Keating

Director and Government Service Manager at Ascentor

More Posts

Follow Me:
Twitter

Share

Which cyber security breach could cause you the most pain this year?

Screen Shot 2015-01-05 at 16.30.19“Just when you thought it was safe to go back in the water…” must be one of the most parodied film lines of all time. Surely things couldn’t get any worse for the citizens of Amity back in the 1970’s – but they did. Fast forward to December 2014 and the executives at Sony Pictures must have felt the same way. But cybercriminals, like sharks, are lethal hunters and it did get worse, much, much worse.

As it turned out, what was initially thought to be commercially damaging really only scratched the surface. Far worse was to come in terms of leaked employee data and embarrassing internal memos – not to mention a diplomatic tussle with North Korea.

Continue reading “Which cyber security breach could cause you the most pain this year?” »

avatar

Dave James

Information Risk Management expert and Managing Director of Ascentor

More Posts

Follow Me:
Twitter

Share

Generation Y and information security – a cyber criminal’s dream?

Tech savvy doesn’t always mean security savvy

Tech savvy doesn’t always mean security savvy

There has been much recent coverage of the impact of Generation Y, or Millennials, on information security.

The lack of security awareness of younger workers (typically aged 18 to 30) is widely seen as a growing cause for concern – and it should be. By 2020 Generation Y will account for 50% of the working age population.

The topic was also covered at Infosecurity Europe 2014 in April which Ascentor attended – an entire session was held to explore ways to engage Generation Y with information security – suggesting that Generation Y worries less about information and IT security than the generations before them. Continue reading “Generation Y and information security – a cyber criminal’s dream?” »

avatar

Dave James

Information Risk Management expert and Managing Director of Ascentor

More Posts

Follow Me:
Twitter

Share

Vital Information Security Tips for Every Project Manager

The cyber threat is real and growing. Against this backdrop, information security is coming to the fore as a key project deliverable. Any large change risks the introduction of new security vulnerabilities into an organisation that may not have been present before. Project Managers must address the security aspects of their projects to ensure that the next major breach isn’t introduced by them!

These four simple yet crucial tips will help Project Managers focus on information security within their projects and give you the very best chance of success. Continue reading “Vital Information Security Tips for Every Project Manager” »

avatar

Martin Roberts

Senior Project Manager at Ascentor

More Posts

Share