As we move into 2019, businesses and regulatory authorities are required, more than ever, to demonstrate robust information security, business continuity as well as protection of personal identifiable information (i.e. GDPR/Data Protection Act 2018).
Whilst this may sound obvious, many small and medium-sized organisations simply have not acknowledged their vulnerability in these areas.
ITGUYS London works solely with these SMEs and we’re here to tell you that the landscape is changing.
We are seeing an upturn the number of businesses demanding proof of good IT practice before entering into a contract with a third party. And simply answering “yes” to a set of IT questions doesn’t cut it.
This article on supply chain attacks is one example of how businesses can be targeted; merely being involved with another company’s supply chain can bring you into the firing line.
Supply chain security… what can you do about it?
Get certified. Identify your risks.
The UK Government recommends that all businesses attain the Cyber Essentials certification. Businesses that don’t have this are not permitted to bid for any kind of Government contract. Even if your business does not bid for a contract, the businesses that you work with/for may well do. If this is the case, it is highly likely that those businesses will be asked about the other businesses they outsource services to (i.e. you) and asked “specifically” about the ability of such an outsourced business to survive, for example, a virus outbreak or server failure.
This no-nonsense certification will get you well along the way to understanding what you need to protect and how best to achieve this.
However, to truly understand what your actual risk is, a business needs to fully assess what information it has, where it is located and what the key business processes are.
Armed with this level of information, a company is far more likely to accurately assess where the highest levels of risk are and what can be done to contain that risk – to an acceptable level within the business. Here, we enter into the realms of information assurance.
ITGUYS can help with both Cyber Essentials as well as the most rigorous risk assessments associated with Information Assurance. So, if you’d like to discuss the above in more detail, or have any other IT related questions, please feel free to give us a call on 020 72 41 22 55 or fill out our contact form and we’ll quickly get back to you.