Search

BDO: Is it time to stress test your cyber strategy?

PUBLISHED: 14:48 02 February 2017 | UPDATED: 14:51 02 February 2017

Phil Hall of BDO.

Phil Hall of BDO.

Archant

One of the chancellor’s Philip Hammond’s first major announcements was the launch of the updated National Cyber Security Strategy – setting out “the government’s plan to make Britain secure and resilient in cyberspace” up to 2021.

While an update of its strategy was welcome, the government could have given more support to businesses.

The strategy document includes no specific ‘guiding principle’ that points to the need for boards to have a comprehensive understanding of their data landscape and know precisely where each version of its company’s ‘crown jewels’ resides across the IT environment. This approach is fundamental if organisations want to minimise the opportunity for cyber-criminals to steal any version of the sensitive datasets or IP.

Businesses that haven’t mapped their data landscape accurately will find it is increasingly difficult to determine whether the countermeasures they have put in place are appropriate and proportionate to the risks they face (for example, are all versions held and transmitted securely?).

Although most organisations know what their ‘crown jewels’ are, they need guidance and support to help them discover the total versions of the sensitive datasets that reside across their IT environment: copies may exist in many databases, shared storage, mobile devices, their backup and disaster recovery environments, web environment, cloud environment, on laptops/PCs or sensitive data shared with third parties or stakeholders.

All boards need to demonstrate leadership and place cyber security alongside the financial wellbeing and growth targets of the business. Equally, they need to access to the deeper skills and insights available, so that they have the tools required to meet this growing challenge.

The strategy outlines the need to develop our skills and capabilities for the future. Boards need to facilitate the change required.

A good new year’s resolution for 2017 is to commission ‘stress tests’ of the arrangements your business has in place and use the results to improve your own cyber strategy. At BDO we recommend taking steps now to ensure you have a robust strategy in place and would advise seeking guidance from your usual business adviser.

Search hundreds of local jobs at Jobs24

comments powered by Disqus
Management Jobs

Show Job Lists

Newsletter Sign Up

Sign up to receive our regular email newsletter

Insight

One of Lowestoft’s biggest employers has converted spare work space into a badminton court so staff can play their favourite sport at lunchtime.

Firms which breach data protection rules are getting off lightly and could soon face multimillion pound fines, according to a Norfolk cyber security expert.

Green 100

cover

Enjoy the Green 100
digital edition

Read
0

Meet the Team

Mark Shields

Business Editor

|

Chris Hill

Agricultural and Farming Editor

|

Business Most Read

Awards

Norfolk Future 50 EDP Business Awards Green 100