Your first 3 steps
Unsure where to start with cyber security?
Follow our 3-step plan to get the biggest improvements in the shortest possible time.
Step 1: Implement Basic Technical Controls
There are 5 basic technical controls which are estimated to eliminate the vast majority of everyday threats from the internet.
If you implement these controls effectively, you can gain the government-backed certification “Cyber Essentials” and use the associated logo on your website and in other marketing materials.
This certification is becoming more and more common, is mandated for many local- and central-government contracts, and is now used as a deciding factor in many private-sector procurements.
Step 2: Train Your Staff
Tricking your users into clicking on links or opening files which are infected (known as phishing) was the most common source of security breaches reported to the ICO in 2019.
Training your users can turn them from a huge risk into a “human firewall” trained to recognize dangerous content and avoid expensive and disruptive security breaches.
Step 3: Get Systematic
Once you have the first two steps in place, you can take the time to develop a systematic approach to cyber security.
This will mean that security is designed into your processes and your staff will understand their responsibilities. This is a key data-protection requirement from the ICO under GDPR.
We recommend that you work towards IASME Governance, a security certification specifically designed for SMEs by IASME, the UK Government’s Assured Service Provider for Cyber Essentials.
If you have already completed all 3 steps, then Congratulations – you are in good shape. To take your security to the next level, check our other services via the links below.