Cyber security is a hot topic today, fueled by the rise in remote and hybrid working, escalating nation-state tensions, and the affordability of launching ransomware attacks. Recently, our CEO and Founder, Rob Demain, sat down with Cybernews to share his expert insights on modern cyber security strategies, risk management solutions, and today’s biggest cyber threats.
Here’s a summary of the key takeaways from the interview with CyberNews, with a link to the full article at the end.
Key Challenges in Managing Cyber Risk
“The main challenges organisations face in terms of managing their cyber risk are a lack of people and/or in-house expertise. We support in-house teams or individuals by either fully outsourcing their Security Operations Centre (SOC) or integrating with any in-house resource to provide additional support. Our experts consult on building cyber strategies to protect key assets and identify threats and vulnerabilities, making companies more resilient over time.”
“Increasingly, organisations are coming to us with supply chain cyber security issues and we can actively monitor third-party tools, as well as review feeds and messages from partners and suppliers to reduce supply chain risk. We have been involved in delivering supply chain training to some of our customers.”
“We also work with organisations that are worried about obtaining cyber insurance. By helping them understand what insurers are asking for and how to satisfy their demands.”
Who Should Be Concerned About Cyber Security?
“The NCSC guidelines state that all organisations should assume breach, which means that no organisation is safe, and everyone should prepare accordingly. It doesn’t matter if you’re a small start-up or employ thousands of people. If your organisation has operations, IP, or even just a strategy document that attackers can access, then that can be ransomed.”
“There will be minimum cyber security requirements that certain types of organisations have to meet, which could perhaps be contractual. For example, if you’re part of the supply chain for a manufacturer or logistics company, then a competitive advantage can be gained from better cyber security. Likewise, regulated companies might need to prove that they have put certain security measures in place and are monitoring them.”
Should Small and Large Organisations Use the Same Security Measures?
“The definition here of what constitutes a small or large enterprise is a moot point in terms of cyber security risk management. A small hedge fund with just a few employees could make millions of pounds of profit and hold a large amount of data, ranging from consumer transactions to social media and app data, which attackers could target if the organisation doesn’t have a strategy or the tools to protect it. So, the employee count is less relevant.”
“However, just because an organisation grows and hits a certain number of employees or revenue, it does not mean to say that the cyber security tools in use will no longer work or that you need to massively increase the tech budget. Spending more on cyber security tools doesn’t automatically make your organisation more secure: it comes down to people, processes, and an appropriate security posture.”
“Organisations need to identify and prioritise the risks they are facing and then tailor their measures to these potential threats. So, building that roadmap and protecting your crown jewels, like data, IP, or operations, is crucial. Then, as you grow your organisation, you build more into your cyber maturity program. If you are running a business and haven’t done that yet, then start as soon as possible!”
Read the full article here on CyberNews, or get in touch to discuss any element of your cyber security.
