Getting a security consultant to assist with improving and assessing your security posture ensures you are making the right decisions along the way. As there is a plethora of different standards, each with differing requirements, it can be very overwhelming to know where to begin. With GDPR, PECR, ISO 27001, PCI-DSS and Cyber Essentials, it is a minefield.
Can we assist with your upcoming project? Potentially, but it costs nothing for our services even if you don’t go with any options we put forward.
Seen as the current global gold standard in information security (apart from in the US as they didn’t found this standard, typical). This can be a large undertaking for a company and having an expert helps to save time and eliminate confusion.
If you take card payments you have to be PCI-DSS compliant. Simple! What isn’t so simple is to what level and how you can mitigate or outsource the requirements. Getting a qualified professional, a PCI QSA, can drastically reduce your overheads, requirements and the time needed to achieve and maintain compliance.
Cyber Essentials is a government-backed and NCSC-operated program designed to encourage companies to adopt good practice in information security. From 1st April 2020 only IASME will be certifying this. For assistance in understanding and achieving both Cyber Essentials and Cyber Essentials Plus, get in touch.
BCP and Incident Response
Do you have a Business Continuity Plan or an Incident Response plan? If you do have one, have you ever checked it works? Did you just hand out a playbook to key staff, have them acknowledge receipt and then say job done? Testing your playbooks for when the proverbial s*** hits the fan is essential. It reduces any potential fines received, reduces the negative impact on business functions and, most importantly, reduces any damage to reputation.