“Don’t forget to lock the back door”...
...my dad would always say before we left the house. The embedded, natural inclination to mention this to me and my siblings, had developed over a period of time, Why? Well because it is one of the 3 main entry points into a house and as a result is the number one piece of advice given by the Metropolitan Police to homeowners in the UK.
Warnings from a higher authority - who have been collecting data and viewing incidents over and over again - are not to be ignored. Some of you reading this will think this is obvious, others will be reminded when they leave their house tonight, but the question I would ask, in a different security context, is why are we not yet there with our most prized assets: Money and Data?
Over 51% of SME businesses in the UK are hacked every year. I.e. The majority.
If a business is “lucky” enough, they might just make the main news headlines around the world (like JBS, North American Oil, the Met police and Solarwinds, to name a few). “Any publicity is good publicity”. Right? Well maybe not when the effect is likely to have severe consequences for stakeholders and customers.
We know that technology as a whole and the way we work is changing, which means there will be a natural lag time for standard defences to evolve and to keep up with the hackers, but the big question is not about tech itself, which can only do so much, it is about people and culture.
Most SMEs and their stakeholders don’t have access to the right guidance as and when they most need it.
In the same way we use a mortgage broker to explain the most appropriate mortgage options, our accountants to manage our finances and file our taxes, our lawyers to help navigate the law, and our IT teams to make sure our tech is working correctly, who is the expert at board level that can answer the questions around Cyber and Data Security?
Data breaches cost UK enterprises an average of $3.88 million per breach, according to IBM and Ponemon’s Cost of a Data Breach study. If you are willing to accept the risk and this cost, please be my guest, but for those of you who want to tackle this cyber pandemic head on, with advice from qualified experts sitting on your team with you, explaining risks in clear, concise layman's terms, then we would love to speak with you.
And then a little about us.
At OCiSO, we provide:
Qualified and experienced information security specialists advise owners, boards, management and other stakeholders as members of the team.
OCiSO's Virtual Chief Information Security Officers:
Raise awareness within organisations and take responsibility for setting the Cyber Security agenda.
Respond to Cyber and Data Security incidents and breaches.
Manage cyber and data compliance.
Ensure ISO Certification and Audit readiness - ISO27001, ISO 23301 and Cyber Essentials Plus.
Our V-CISOs are supported by our legal, compliance and governance team experts to ensure we meet all of the IT and Data Security requirements of our clients.
Get in touch to find out more.