In this Edition
- What is Cyber
- Cyber Risks to Your Business
- The Cyber Stars Initiative
WHAT IS CYBER?
There are a plethora of definitions relating to cyber, cyberspace and cyber security, from a wide variety of subject matter experts, including Government organisations and professional institutions. In short, it can be best interpreted as computer to computer communications. A vast amount of UK business is now conducted within cyberspace, indeed the very infrastructure of our nation is controlled within this domain. Cyber attacks against your organisation, your employees and you the individual are rising year on year. UK Government research suggests that 74% of small and 90% of large businesses had security breaches in 2014. This is in part due to the lucrative financial reward but also a symptom of the ease in which an attack can be conducted. Changes to EU legislation in 2016 mean that understanding cyber security has never been so critical to business success.
CYBER RISKS TO YOUR BUSINESS
So what are the risks to YOUR business? Well this depends on your organisations risk appetite.
Your organisations cyber protection is only as good as its weakest link; the human. Money spent on expensive intruder detection systems, state-of-the-art IT equipment and fully resourced technical support teams is rendered useless if the staff that are operating your systems are unaware of the cyber risks. This is not just relevant to well informed and qualified IT professionals and network management teams, the real risk sits with the average system user. Therefore a truly effective cyber security policy must inform everyone.
Are you confident that your employees could effectively:
- Identify and report a social engineering attack?
- Identify and report a Phishing email attack?
- Display robust password management?
- Manage your online assets, company specific information, trade secrets, customer or financial data?
- Adhere to organisational and Government cyber security policies?
- Apply safe and effective home and mobile working policies?
With 90% of large businesses targeted by cyber criminals in 2014, it is unlikely to be a matter of if, but more a matter of when you are targeted. How would your organisation manage any impact? What would be your response to customers and/or shareholders? Once breached, it’s time for damage control. You may now have the issue of managing stolen customer data, disclosure of intellectual property, financial data or a company website that has been crippled. With this also comes reputational damage; the rebuilding of employee, customer or investor confidence may be a tough nut to crack.
So, with the stakes being so high, we believe that prevention, through education and the implementation of an organisational wide cyber security strategy, should be among the highest of priorities within your organisation.
The Cyber Stars initiative is aimed at increasing cyber security awareness across all areas of your organisation to ensure a holistic and effectively implemented cyber security strategy. We seek to identify and qualify nominated ‘Cyber Stars’ from within every department within your organisation, who will then have the knowledge and confidence to fulfil a cyber security representative role. By opting for a nationally recognised qualification, rather than an attendance based programme, as employer can be sure that each and every attendee has achieved a nationally recognised standard. This gives confidence that a Cyber Star can implement the policy and act as a mentor for others. On completion of their qualification Cyber Stars will also have access to the Cyber Security Information Sharing Platform (CISP), providing an opportunity to identify the most recent and relevant risks to your organisation.
Intqual-Pro deliver the only all inclusive, one day, Cyber Security Awareness for Business training package that is attached to a nationally recognised vocational qualification. Delivered by our cyber security subject matter experts, experienced across cyber departments within UK Government and the MoD, this investment will ensure that sufficient cyber security knowledge exists within all areas of your business. With this knowledge your ‘Cyber Stars’ will be ideally placed to provide the effective application, encouragement and promotion of your cyber security strategy, ensuring that your organisation is best placed to meet both the current and emerging threats within cyberspace.
WHAT CAN A CYBER STAR DO?
By enrolling your employees to Cyber Stars you not only offer them an excellent professional development opportunity, yet also encourage them to take responsibility for cyber security implementation and awareness within your business. By achieving a nationally recognised standard a Cyber Star can:
- Identify current cyber risks specific to your organisation.
- Educate colleagues on a range of cyber security issues to include access management, end point security and safe use of social media.
- Identifying security risks specific to WIFI zones.
- Assist in the implementation of effective incident response procedures.
- Ensure that colleagues are updated with latest cyber security legislation and best practice.
- Act as a point of contact for the implementation of safe mobile and home working policies.
- Provide a business wide network of cyber security knowledge to ensure both EU and ISO 27001 compliance.