If I had to give only three pieces of advice to a company around information and cyber security threats, I would give the following advice.
There are plenty of good sources of information about information and cyber security on the internet and the real world. The reason that advice is there is that the threat is real, companies are being attacked all the time. Security by obscurity does not exist anymore. If you look at an email inbox you will see poorly written, easily identifiable phishing attacks this shows you are at risk. Many of the attacks (volume wise) against a company won't succeed as the attacker is poorly skilled and trying their luck but they will get luck at some point due to a lapse in concentration or some other form of human error and get to a successful completion of their attack. There are so the less frequent (low volume) more skilled attackers where you need to bolster your defences to ensure they don't succeed.
There is a lot of advice I would give companies and given a chance I will talk all week about cyber and information security. Don't let that put you off from asking for advice.
My viewpoint is security should be an enabler for your business to achieve its mission in a secure manner. Security should be pragmatic and appropriate to the risk you face, you know your company I know about security together we can develop the approach that meets your needs.
Geraint Williams Consultating Limited, a company registered in England and Wales.
VAT Registration No: 471 7838 57 | Company Registration No: 15817907
Registered Office: 86-90, Paul Street, London EC2A 4NE
Webpage design by Geraint Williams