Category Archives: Security controls

Convince your board – cyber attack prevention is better than cure

Cyber attack ahead

 

 

 

 

 

 

 

 

There is a recurring message in many of the surveys about cyber security. It’s broadly this: a high number of businesses say that cyber security is an important issue – but a low number report any evidence of actually doing something about it.

The latest Cyber Security Breach Survey 2017 illustrates this perfectly. IPSOS MORI interviewed 1,523 UK businesses. In 74% of cases the directors or senior management said that cyber security is a high priority but only 20% currently provide staff with cyber security training – and only 33% have any formal policies in place. Continue reading “Convince your board – cyber attack prevention is better than cure” »

avatar

Ben Wheeler

Ascentor marketing and content editor.

More Posts

Share

Ransomware attacks – don’t let them happen to you

 

 

 

 

 

 

 

 

 

The BBC has reported there could be further ransomware attacks this week, following the global cyber-attack that saw 48 NHS Trusts, Hospitals and GPs’ surgeries become its most high profile victims.

It has taken an attack on an institution that serves to protect lives to propel ransomware onto our TV screens and newspapers – but ransomware has been around for some time and it doesn’t just target organisations the size of the NHS.

This article briefly covers what ransomware is, what happened in the attack and offers advice on how to protect your own systems – whether you are a large organisation, an SME or a solo business/operator running a single computer. Continue reading “Ransomware attacks – don’t let them happen to you” »

avatar

Ben Wheeler

Ascentor marketing and content editor.

More Posts

Share

Why basic cyber security could save you a lot of wonga

Wonga cyber attack

 

 

 

 

 

 

 

Another week, another embarrassing cyber attack. This time it’s payday lenders Wonga who are the latest high profile business to fall victim to hackers with reports suggesting 270,000 customers’ details have been stolen (of which 245,000 are in the UK) – including the last four digits of bank cards.

For a business named after the slang for money, it’s ironic that, when the dust settles – the attack may cost them a tidy sum of their own wonga – just as it did for TalkTalk. Continue reading “Why basic cyber security could save you a lot of wonga” »

avatar

Ben Wheeler

Ascentor marketing and content editor.

More Posts

Share

Cyber Insurance – can you ever be fully covered?

Cyber insurance image

 

 

 

 

 

 

 

 

Whether it be from hackers, careless employees, malicious insiders or ransomware (pick your own threat list) – organisations are under increasing risk of cyber attack. And, wherever there is a risk – there’s the option of insurance.

Cyber insurance, also referred to as cyber risk insurance or cyber liability insurance coverage (CLIC), has been around for over a decade. Now, as cyber threats grow, cyber insurance looks set to join other business insurance policies in the risk management toolkit. But, can it really adequately compensate against the consequences of an attack? Continue reading “Cyber Insurance – can you ever be fully covered?” »

avatar

Ben Wheeler

Ascentor marketing and content editor.

More Posts

Share

5 ways to spring clean your cyber security

Cyber spring clean

 

 

 

 

 

 

 

 

 

Spring is here, the evenings are getting lighter. It’s a time when we clean and refresh for the year ahead. It’s also a time for renewal and optimism – but if there’s one area that we don’t want to experience the joys of spring it’s cyber crime.

Cyber criminals can threaten our personal security, steal intellectual property, create and distribute viruses and disrupt our critical national infrastructure. They can also target and manipulate employees (the Insider Threat) – sometimes with their co-operation, sometimes without their knowledge and attacks can remain undetected sometimes for months. Continue reading “5 ways to spring clean your cyber security” »

avatar

Ben Wheeler

Ascentor marketing and content editor.

More Posts

Share

An ounce of prevention could be worth a ton of cyber attack cure

Cyber attack prevention or cure

 

 

 

 

 

 

 

The cyber attack on TalkTalk last year is estimated to have cost the company around £60m. Despite initial claims that the attack was ‘sophisticated’, it transpires that it was conducted by children from their homes. Not so much sophisticated as sofa-sticated!

Blaming an attack on very capable and well-resourced attackers tries to convince customers that nothing much could have been done to prevent it from happening – it’s just one of things that you have to accept if you’re going to do business in the cyber world. We disagree – there is much that can be done with a little awareness and application. Continue reading “An ounce of prevention could be worth a ton of cyber attack cure” »

avatar

Paddy Keating

Director and Government Service Manager at Ascentor

More Posts

Follow Me:
Twitter

Share

“In cyber security there is no front line” – An update to the Cyber Security Model

Trench image

 

 

 

 

 

 

 

For suppliers to the MOD, change is coming. The planned roll out of CSM in August of 2016 has been delayed. We are now expecting the Cyber Security Model (CSM) to be rolled out to large suppliers from January 2017 – with a full launch by April. FATS (a commercial MOD framework) will also go live in April and it is expected to include the contractual aspects of CSM.

To be compliant with the requirements of the CSM, the MOD supply chain will need Cyber Essentials or Cyber Essentials Plus and have information security governance policies in place. 

Ascentor strongly recommend that defence industry companies prepare for CSM by gaining certification to Cyber Essentials in advance – so they are ready to respond to the new contract requirements. In our experience, the larger the business, the more complex and time consuming the process. Don’t delay and put future contracts at risk.

For assistance on any aspect of CSM or Cyber Essentials, please contact Dave James at Ascentor info@ascentor.co.uk

The following article will tell you more about the CSM…


In August 2015 Ascentor first highlighted the proposals from the MOD to manage the risk to its information from supply chain companies by introducing the Cyber Security Model (CSM). The CSM is a methodology to assess the cyber risk for individual contracts which then mandates that suppliers meet a consistent standard of cyber security.

To update our coverage of CSM, we look at recent developments ahead of the planned roll out, now expected at the end of July 2016. Continue reading ““In cyber security there is no front line” – An update to the Cyber Security Model” »

avatar

Steve Maddison

Director and Principal Consultant

More Posts

Share

Cutting through the confusion: Government Information Assurance changes explained (part 3 of 3)

Lost and confused signpost

 

 

 

 

 

 

 

Part 3 of 3. This is the third in a series of blog articles where Ascentor discusses some of the recent UK Government Information Assurance changes – and what they mean for you.

Written to be concise, they explain the essential ‘need to know’ facts and implications with links to read further should you wish.

This time our lens has a European focus as we cover two EU regulations that could have a significant impact on the protection of UK data.

In part 3 of the series, we look at:

  • Safe Harbor and Privacy Shield
  • The EU General Data Protection Regulation (GDPR)
  • The Certified Cyber Security Consultancy (CCSC) scheme

Continue reading “Cutting through the confusion: Government Information Assurance changes explained (part 3 of 3)” »

avatar

Ben Wheeler

Ascentor marketing and content editor.

More Posts

Share

CLAS Consultancy is dead – long live the CCSC scheme?

Certified Cyber Security Consultancy

 

 

 

 

 

 

There is a new name in the information assurance (IA) consultancy world. It’s the Certified Cyber Security Consultancy (CCSC) scheme – launched in June 2015, and sponsored by CESG, with the first cohort of consultancies recently being announced.
Continue reading “CLAS Consultancy is dead – long live the CCSC scheme?” »

avatar

Ben Wheeler

Ascentor marketing and content editor.

More Posts

Share

10 Top Tips for Writing Information Risk Appetite Statements

Cyber risk imageYou’ve probably heard risk managers and accreditors bang on about having risk appetite statements but have you ever actually seen one? If you have, the chances are it was fairly bland and practically worthless. So, if you’re ever required to produce one, where on earth do you begin? Continue reading “10 Top Tips for Writing Information Risk Appetite Statements” »

avatar

Paddy Keating

Director and Government Service Manager at Ascentor

More Posts

Follow Me:
Twitter

Share

Latest Insights

Recent Comments

    • Barry Harvey: It is perhaps surprising to hear that a generation we think of as being tech savvy is anything but....
    • David Conway: I can imagine that, even at this stage, many businesses will still be blissfully unaware of this...
    • Sonja Jefferson: Are you going to be offering that training for ‘normal, non-techie people that now have...
    • Dave James: @Colin Robbins: Yes, Its really illumintaing isnt’t it. Provides a bit of context to the recent...
    • Colin Robbins: Very interesting report. I find it staggering that 26% of companies had not briefed their boards on...
  •  
    Buy Cialis in UK