Cyber Security is also widely known as Information Security. It’s the common term used to describe the protection of computers, networks, mobile devices and data against unauthorised or accidental access, change or destruction.
Let’s Break That Down
What do we mean by ‘unauthorised or accidental access, change or destruction’?
In Cyber Security we consider the threats that relate to unauthorised or accidental access, change or destruction. These threats, which could cause commercial or physical damage, can include:
And what do we mean by ‘The protection of computers, networks, mobile devices and data’?
The controls implemented to ensure the protection of computers, networks, mobile devices and data are:
- Administrative – the policies, procedures, guidelines and standards implemented within an organisation to communicate the do’s and don’t’s related to the use of technology
- Personnel – background checks, contracts, staff handbooks and training, to ensure suitable personnel are employed and understand their role within security
- Technical – secure architecture, anti-virus, anti-malware, intrusion protection, access control, vulnerability assessments and penetration testing to prevent unauthorised access by people or program
- Physical – the protection of the premises where computers and networks are located, including internal barriers such as zone access to ensure access is restricted to relevant personnel
How Can We Protect You?
Now we know what Cyber Security is and what the threats are what can CS Risk Management do to ensure you’re protected?
We look at the physical and logical security from your front door through to your key systems. These can be defined as:
- Physical Environment
- Logical Perimeter
- User Environment
- Server Environment
- Internal Boundary
Our mission is to provide assurance that you have sufficient security in place. We offer a number of key services to achieve this.
- ISO27001 – to ensure that your information security has appropriate management in place & is governed correctly within the organisation
- Cyber Essentials – to provide assurance that the technical controls in place at the perimeter and internal boundary levels as well as in the user and server environments are effective
- Audit & Assurance – to review the administrative, personnel, technical and physical areas of your security operations to ensure they are efficient
- Penetration testing – to test the technical area of your security including the logical perimeter, internal boundary and websites
- Training courses – to provide your personnel with the skills and knowledge to identify security threats and understand the importance of their role to the security of your organisation
Whilst we offer these services we realise that for every company their security needs are unique. With this in mind we also offer additional services such as drafting policies and procedures, reviewing system architecture, third party supplier management etc.
Contact us to discuss your requirements.