‘10 Steps to Cyber Security’ Is a Good Start, But It’s Not All Fun and Cyber War Games

By   ISBuzz Team
Writer , Information Security Buzz | Feb 01, 2015 05:04 pm PST

The recent updates to the government’s cyber security policies couldn’t come at a better time, says Peter Groucutt, Managing Director at disaster recovery provider Databarracks.

Earlier this month, the government released new materials to support UK businesses in their fight against organised cyber-crime, including an updated ’10 steps to Cyber Security’ guide and a report from GCHQ detailing the most common cyber-attacks in the UK and how to prevent them. Groucutt has championed the move, arguing that the timing could not be more perfect:

“There’s no denying that cyber-crime is on the rise. Last year, we performed over 3000 data restores for our customers – a higher proportion of these than ever before were in direct response to malicious cyber-attacks like CryptoLocker. With these figures only expected to rise, 2015 is the ideal time to make a real push for cyber-security excellence within our organisations.

Free eBook: Modern Retail Security Risk – Get your copy now.

“Since June of last year when they launched the Cyber Essentials Scheme, the government has been doing some great work in making cyber security accessible to businesses of all sizes. Bigger businesses may be a greater prize to hackers, but smaller businesses tend to have weaker defences, which means that any business that holds customer data is a legitimate target.

“We conducted a report last year which revealed over a third (36 percent) of UK organisations had been affected by a cyber-threat in 2014. The more worrying figure, though, was that over half of those affected by a threat (58 percent) either made no changes to their security processes or failed to even review them following the incident. This mind-set is exactly why the Cyber Essentials Scheme is such a valuable resource, especially for SMEs who perhaps don’t have the capacity in-house for a dedicated security specialist or the budget to outsource the function.”

But, Groucutt continues, it’s important that we don’t let the more media-friendly cyber security angles overshadow the fundamentals:

“There has been a lot of media attention on the promotion of our UK cyber security companies in the US and on the cyber war games planned to test our resiliency. This isn’t necessarily a bad thing – making cyber security a matter of national interest is important. But it’s about more than that – it’s about cultivating a culture of strong cyber security within each and every one of our organisations from the top down.

“The latest updates to security policies from the government have struck a nice balance. The guidance is technical enough to be useful, without alienating any non-technical business owners. It’s making practical security guidance available to businesses of all sizes without being patronising or over-reaching in terms of the resources required. We need to ensure that, firstly, organisations know that resources are there and secondly, that they actually use them.”

About Databarracks:

databarracks_logoDatabarracks provides secure Infrastructure as a Service, Backup as a Service and Disaster Recovery as a Service from UK-based, ex-military data centres. Databarracks is certified by the Cloud Industry Forum, ISO 27001 certified for Information Security and has been selected as a provider to the G-Cloud framework.

For more information, please see: www.databarracks.com.

Notify of
0 Expert Comments
Inline Feedbacks
View all comments

Recent Posts

Would love your thoughts, please comment.x