Optimising IT Blog

Are you a risk taker?

Are you a risk taker?

You might want to think twice before you answer that.

According to the FCA, 26% of organisations surveyed last year don’t have a board approved Information Security strategy. They also cite concerns about not having appropriate, real time records about Information Assets, relying on ad-hoc, manual processes, and rarely are older out of date systems replaced or removed as Information assets.

With Allianz citing Cyber as the #1 risk to UK business, there is increasing pressure to have an informed, approved and ongoing Information Security strategy.

So what does that look like for most organisations, in particular in the SME space?

Largely this is a ‘depends’ answer, as no two organisations are that alike and almost always have different approaches to risk. Risk, or management of risk to be more specific, is the cornerstone to any good information security approach, which is why one of the most popular Information Security standards, ISO 27001, is based on understanding and managing risk.

The challenge comes in that most organisations don’t understand their current level of risk in cyber, or, it hasn’t been portrayed in a non-technical way, leaving it very difficult to make decisions based on fact. All too often, we meet organisations that either don’t know they have a risk, or known risks haven’t been presented to the board in a way that allows an informed decision to be made.

Understand your level of risk

To help combat this, we have developed our Practical Cyber workshops to allow business leaders to better understand the level of risk they are exposed to, ask the right questions and subsequently make informed decisions about how known risks will be treated.

Prevention is better than cure. Our advice is to be proactive and not hold off determining your current level of risk in cyber. To enquire about our Practical Cyber workshops for business leaders, contact us on 0330 403 0011 or via our enquiry form.

Author: Todd Gifford, Certified Information Systems Security Professional (CISSP), Head of Consultancy at Optimising IT.

Explore our Practical Cyber workshops

Enquire about our Practical Cyber workshops

Climate Conscious IT

In short – it’s ‘IT for Good’. You can choose to offset your workforce’s carbon now, plan to offset their carbon in future, or do both for maximum impact.

Stay social

Latest post

Sharing is caring:
Facebook
Twitter
LinkedIn
Reddit
WhatsApp
Email