Cyber security management is a vital part of any business. The top-down process helps a company to define its security policy and the scope of that policy and then, through risk management, apply the appropriate security controls.
In many industries compliance with ISO27001 or similar standards is obligatory. But even outside of those industries, there is often a clear need for companies to set and maintain IT security policies. Companies that hold personal data (even just a customer contact list) or payment card data must comply with the Data Protection Act and the Payment Card Industry Data Security Standards (PCI-DSS) or face fines and other penalties.
The government is introducing new standards, known as the General Data Protection Regulations (GDPR). These will replace the Data Protection Act in 2018. Now is the time to plan for the changes you will need to make for compliance with the new regulations.
Is your business fit enough to deal with cyber security issues?
Tom Crellin can help coach your business so your cyber security management process is as strong as it can be.
This might be:
- a review of your existing policies and processes,
- a programme of introducing ISO27001 compliance in your company or
- specific, focused help with a one-off project.
Tom has both the experience and the qualifications to prove his expertise and is as much at home discussing strategy at CEO level as he is discussing the finer points of technology with the IT team.
To see how Tom Crellin can help you, contact us today.