Believing in Boogeymen

It seems fairly accepted these days that businesses are not doing enough in the area of Cyber Security. Progress is being made to an extent, but mostly this seems to be in businesses that are bigger targets.

Why don’t small companies worry about Cyber Security?

Continue reading “Believing in Boogeymen”

HBR: National Cyber Security Progress – UK Perspective

A recent article in Harvard Business Review, made an analysis of the US Cyber Security status and suggested “Here are four things that the private sector — and I mean CEOs, not CTOs — should be loudly and persistently demanding of Washington right now:…”
Lets take a look at these 4 issues from a UK perspective.
Continue reading “HBR: National Cyber Security Progress – UK Perspective”

Do you deploy 2 percent of your staff on Network Security?

In the blog article “Why don’t organisations adopt cyber security measures?” the Tony Dyhouse observes

A key finding in the report refers to the current practice of lumping together any company with between 1 and 250 employees as an ‘SME’.

When you think about it, that’s clearly not sensible due to the differing requirements throughout that size-band.

Obvious? Then why do we insist on a ‘one-size-fits-all’ approach for SMEs?

Further, although cyber security professionals insist the sky is falling in, most micro and small businesses don’t care because the complexity and the cost of doing something about it would threaten their existence anyway.

They often conclude that the treatment is worse than the illness as it takes away their agility and flexibility – their prime survival advantage.

While I agree with the sentiment, I suggest it is an over simplification.
Continue reading “Do you deploy 2 percent of your staff on Network Security?”

Cloud Security for SMEs

I often see postings, or hear discussions asking if the cloud is sufficiently secure for SMEs.
Like any good consultant, the appropriate answer is it depends – or does it?

Earlier this year I had the pleasure of undertaking the Cloud Security Alliance course and exam leading to the Certificate in Cloud Security Knowledge (CCSK). It quite correctly teaches a methodology assessing all factors that contribute to the risk. Good stuff, but…

Continue reading “Cloud Security for SMEs”