Cyber security definition
Cyber security is often confused with information security.
Cyber security focuses on protecting computer systems from unauthorised access or being otherwise damaged or made inaccessible.
Information security, is a broader category that looks to protect all information assets, whether in hard copy or in digital form.
In recent years, cyber security has fallen under media scrutiny. This can be attributed to a rapid increase of attacks, and the substantial impact to organisations.
Under the GDPR and DPA 2018 organisations must implement appropriate security measures to protect personal data - or risk substantial fines
Cyber security a critical business issue for every organisation.
Why is cyber security important?
The costs of cyber security breaches is rising
Emerging privacy laws can mean significant fines for organisations. There are also non-financial costs to be considered, like reputational damage.
Cyber attacks are increasingly sophisticated
Cyber attacks continue to grow in sophistication, with attackers using an ever-expanding variety of tactics. This includes social engineering, malware and ransomware (used for Petya, WannaCry and NotPetya).
Cyber crime is a big business
In 2018, the cyber crime economy was estimated to be worth $1.5 trillion, according to a study commissioned by Bromium. Attackers can also be driven by political, ethical or social incentives.
Cyber security is a critical, board-level issue
New regulations and reporting requirements make cyber security risk oversight a challenge. The board will continue to seek assurances from management that their cyber risk strategies will reduce the risk of attacks and limit financial and operational impacts.
What are the consequences of a cyber attack?
Cyber attacks cost organisations billions of pounds and can cause serious damage. Impacted organisations stand to lose sensitive data, and face fines and reputational damage.
Learn more about cyber crime and how it affects you >>
Learn about the cyber threats you face >>
Cyber security checklist
Boost your cyber defences with these must-have security measures:
1. Staff awareness training
Human error is the leading cause of data breaches, so you need to equip staff with the knowledge to deal with the threats they face.
Training courses will show staff how security threats affect them and help them apply best-practice advice to real-world situations.
2. Application security
Web application vulnerabilities are a common point of intrusion for cyber criminals.
As applications play an increasingly critical role in business, it is vital to focus on web application security.
3. Network security
Network security is the process of protecting the usability and integrity of your network and data. This is achieved by conducting a network penetration test, which scans your network for vulnerabilities and security issues.
4. Leadership commitment
Leadership commitment is the key to cyber resilience. Without it, it is very difficult to establish or enforce effective processes. Top management must be prepared to invest in appropriate cyber security resources, such as awareness training.
5. Password management
Almost half of the UK population uses ‘password’, ‘123456’ or ‘qwerty’ as their password. You should implement a password management policy provides guidance to ensure staff create strong passwords and keep them secure.
Start your journey to being cyber secure today
IT Governance has a wealth of security experience. For more than 15 years, we’ve helped hundreds of organisations with our deep industry expertise and pragmatic approach.
All our consultants are qualified and experienced practitioners, and our services can be tailored for organisations of all sizes.
Browse our wide range of products below to kick-start your project.