1 12

Tech Business Newsletter

What questions could you ask yourselves?

1. Do you know how the new

working environment has affected the IT controls in different parts of the business and what risks these changes pose? 2. Do you know if the business has performed a risk assessment to identify possible network weaknesses where their susceptibility to attack has increased in the last 12 months? 3. Has staff awareness of key cyber threats been raised? Have they been told what they should look out for? Has there been testing of staff awareness with simulated phishing attempts?

4. Are you assured that security

patches on personal devices are being updated to the same standard as on-premise devices?

The cyber threats facing all of us are multifaceted and on-going, with the current key risks relating to:- Phishing Malware Unauthorised network access Denial-of-Service attacks Data breach Spyware Software weaknesses

It is important to consider the extent to which any relaxing or changes in controls has increased the risk of data loss or security breaches by recognising what has changed. That applies externally (phishing attempts) and internally (staff cyber awareness training post crisis or security patching of homeworking devices not being managed as effectively as on-site). Staff awareness and understanding of information security risk is essential. This applies to protocols around the use, management and storing of confidential data to prevent data loss, and applies to ensuring workers know how to spot cybercrime to avoid people succumbing to phishing attempts which can result in damaging malware and ransomware attacks. Current thinking shows phishing attempts and malware infections are seen as the most likely threats to arise, highlighting the importance of staff behaviour, training and awareness in minimising cyber risk.

5. Have the right people ensured

that the perimeter of the business is truly understood? Are all devices with connectivity and network access secure?

6. Have new software applications (e.g. videoconferencing software)

been adequately vetted for potential security flaws and vulnerabilities?

An independent health check review of your IT risks at this time can offer meaningful assurances to you and your business and we would be delighted to talk to you about this.

Ryan Pearcy SB Digital Director

TECH BUSINESS | SCRUTTON BLAND | 5

Made with FlippingBook Learn more on our blog