Espion, the ICT “Company of the Year”, which specialises in information risk management, believes this research should serve as a wake-up call to those charged with governance and compliance: the same rules that are in place for other forms of corporate risk should also be applied to information risk.
Espion’s Head of Consultancy, Stephen O’Boyle (BSc, CISA, CISSP, CISM), says: “Whether the attacks come from data thieves, spies or saboteurs who steal from, gain unfair advantage over or damage companies, the cyber crime threat facing UK organisations is increasing.
It is worrying to see a mere 17 per cent of these organisations have clearly set out what they see as an acceptable level of cyber risk. How an organisation manages information risk can be a key factor in its ultimate success or failure and cyber security must feature higher on the corporate agenda.”
The impact of cyber crime on a company’s reputation, share price or even its continued existence is well documented. Espion has produced ten questions that board members should ask of management, to support existing strategic-level discussions on cyber crime.
1. Do we have a dedicated resource responsible for information security? Who is involved in the governance of information security?
2. Have we identified our key information assets, and where they exist within our enterprise or partner ecosystem?
3. Do we know how vulnerable they are to attack?
4. Do we perform a risk assessment of cyber threats against key systems identified?
5. Do we have a set of controls to protect our critical information (financially sensitive data, IP and client information) against industrial espionage, extortion, customer data loss and fiscal fraud?
6. Do we have assurance that the controls in place are effective?
7. Do we have a security strategy in place for social media, mobile devices, cloud computing and employee use of personal devices (BYOD)?
8. Do we ensure that secure off-site backups of key data exist?
9. Do we have formal information security policies in place, and awareness programmes to ensure those policies are understood by the entire workforce?
10. How many security incidents have we had in our organisation in the past 12 months, and do we receive regular reports and intelligence on such incidents, including the methods and motivation behind them?