The main issue in this instance is where to start planning, and what in truth is the worst?
To start the planning phase you need to understand what the worst could be for the business, here we are talking in terms of cyber and information security. As this could be a wide-ranging question, it can be split into numerous categories depending on your business. These may include things such as internally hosted infrastructure and applications, critical cloud services, third party suppliers, customer data, company data, physical assets, and staff. The items of concern should be tailored to your business, unless you are looking to follow a best practice framework, and address security across all areas.
What is key is understanding your assets, the risks to them, and the impact these can have on your business when something goes wrong. If only there was an exercise you could perform which would assist with this, and that could be updated as the business grows.
I would advise all businesses to perform a Risk Assessment (RA) and get a Risk Register (RR) together. This is the best way to understand what risks your business faces, and how to resolve them. This then leads on to where to allocate budgets for the best results. Performing a RA usually offers great ROI; when performed by a competent professional, additional benefits and streamlining of resources usually more than covers the entire cost of the exercise.
Once done, it is now possible to understand what the worst security impacts are, and their likelihood. Is it a ransomware attack locking all systems disrupting business (very common at the moment but fairly easier to plan for), or is it a key third party supplier being breached and losing access to critical company/customer data or services (not as common but could have a huge impact and is harder to plan for)? Again, this is where having the assistance of an expert professional is vital, to derive the greatest ROI and cover all risks. Using their industry knowledge and experience they can put into perspective the likelihood of the risks and how to effectively mitigate these.
Until you have performed a RA and have a RR, in my opinion, you can never truly plan for the worst, as you don't know what it realistically could be.
To discuss performing a Risk Assessment or how to start planning get in touch.
07552 634475
We can help you understand your current security posture and where potential issues may arise all for zero cost!
I would advise all businesses to perform a Risk Assessment (RA) and get a Risk Register (RR) together. This is the best way to understand what risks your business faces, and how to resolve them. This then leads to where to allocate budgets for the best results. Performing a RA usually offers great ROI; when performed by a competent professional the additional benefits, and the streamlining of resources usually more than cover the entire cost of the exercise.
Once done, it is now possible to understand what the worst security impacts are, and their likelihood. Is it a ransomware attack locking all systems disrupting business (very common at the moment but fairly easier to plan for), or is it a key third party supplier being breached and losing access to critical company/customer data or services (not as common but could have a huge impact and is harder to plan for)? Again, this is where having the assistance of an expert professional is vital, to derive the greatest ROI and cover all risks. Using their industry knowledge and experience they can put into perspective the likelihood of the risks and how to effectively mitigate these.
Until you have performed a RA and have a RR, in my opinion, you can never truly plan for the worst, as you don't know what it realistically could be.
To discuss performing a Risk Assessment or how to start planning get in touch.
Lee Gilbank is one of the founders of Yorcybersec. When he’s not working with his clients, he geeks out on jigsaw puzzles, cycling, and playing video games with his children.
Yorcybersec Limited. All rights reserved. Privacy Policy
Registered Company Number 11786601 | 5 Carrwood Park, Leeds, LS15 4LG | 0113 3720200
