Cyber- crime is growing and under-reported.
Many organisations have become victims of ‘phishing’ (typically a scam email), or ‘vishing’ (fraud committed over the phone) or by innocently downloading ‘malware’ (malicious software). Other organisations suffer data breaches due to a lack of website security or because of the actions of rogue employees.
The road to data security starts by you looking at the threats (both internal and external) to your information. Then look at the probability of the threats occurring and the impact on your business/ customers if it were to happen.
In simple terms this is your risk assessment upon which the organisational (polices/ procedures/ training etc.) and technical (firewalls, encryption, anti- virus software, back-ups etc.) measures you then need to take, flow from.
Some organisations prefer to put in place a formalised information management system such as ISO 27001, but many small and medium sized enterprises will prefer a less formal approach. This needs to be supported by staff training.
For further information please contact us.