Are you asking the right questions?
How to assess your cyber risk
Organisations usually have firewalls and anti-virus software in place – but this doesn’t mean they are secure. The government’s advisors at GCHQ recommend that organisations adopt a layered approach to protect their business from hackers or insider threats.
To understand the risk they face, leaders need to question what is being done beyond anti-virus.
Questions to ask include:
1. Where is our most sensitive, potentially damaging and most valuable information? Where is every copy of it? (This could be customer information, IP, investment plans, emails between executives . . . and much more). Who has access to it? What special arrangements do we have to protect it within our systems? Is access privilege managed (where people have access to only the things they need)?
2. How do we protect our sensitive data when it’s outside our perimeter? How is it protected when it’s with our lawyers, accountants, contractors, consultants, etc? How do we stay in control? How do we stop it being seen or shared by unauthorised people, or being made vulnerable by their insufficient security? How can we pull the plug remotely if we need to?
3. How do we protect the multiple devices we all use today (which are called “endpoints” by the IT world)? Are they a potential weak point of access to our systems and data?
4. What do we do about email security beyond anti-virus? Do we employ tools that strip away anything that’s potentially damaging but still allows safe information through? Technology for this now exists.
5. Do we KNOW we haven’t already been breached? If something sinister has already evaded outdated security, people often don’t know it’s there until the damage is done. Knowing sooner rather than later can’t turn back the clock, but it does give the chance to limit the damage.
Need help with the answers?
We help innovative and inspiring companies to find the answers to these questions and assess what information and cyber security arrangements are right for them. If you need help call us on 01296 621121 or contact us here.