Where are the risks in your business?
According to the report “10 Steps to Cyber Security” re-issued this year by GCHQ, the responsibility to manage your organisation’s cyber risks starts and stops at board level. Basic information risk management can stop up to 80% of the cyber-attacks seen today. However, experience suggests that few organisations get this right.
According to the PwC 2015 Global State of Information Security Survey, only 25% of directors are actively involved in reviewing security and privacy risks.
You will need to:
- Establish a governance framework
- Enable and support risk management across the organisation.
- Determine your risk appetite
- Maintain the Board’s engagement with cyber risk
- Produce supporting risk management policies
Risk management is a whole life process and the organisation’s policies and processes should support and enable this. Italik’s high level security assessment uses specialist security experts to provide:
- Independent security audit
- Advice, guidance and training
- ISO27001 specialist consultants