
Cyber Security: Securing your future

The twentieth century has introduced a fundamental shift in the way organisations of every scale and geographical region operate. Regardless of whether you are in the Public Sector, Professional Services, or you manufacture, host or distribute services, or work in the Not for Profit space, there is an expectation that you have a digital presence.

Your people, supply chain partners and customers occupy an ever-expanding geographical reach, and expect a robust online presence to facilitate organisation, collaboration and delivery of services. This is both a prerequisite to operate and a mark of your organisation’s ability to embrace the now and accommodate the future.

What’s at stake?

This race to remain relevant does not come without pitfalls. An online or digital presence increases your organisation’s reach and surface area beyond the typically manageable bricks-and-mortar environment we are used to.

Much like Moore’s Law (processing power doubling every two years), the exponential growth in digital touchpoints and demand on your systems introduces a new type of risk exposure.

  • There are more vulnerabilities being introduced, with the Internet of Things (IoT), Bring Your Own Device (BYOD) and the mass ‘working from home’ experiment forced by the Covid-19 pandemic.
  • There are more opportunities for errors – 48% of data breaches are the result of system glitches or human error.
  • There are more attack vectors than ever before, with a continually evolving threat landscape. Cyber threats do not come only from sophisticated, state-sponsored and targeted actors preying on large corporations; they can also be opportunistic, such as the theft of customer data by a disgruntled staff member, or someone acting on their behalf.

Cyber Security is vital to any organisation’s overall strategy.

Take the next step:

Vassallo Associates recognises that building effective cyber security risk management capability involves more than just engaging your IT department. True cyber resilience should be a business level strategy – an organisation-wide initiative.

As a minimum, implementing an Information Security Management Standard such as ISO 27001 will give your stakeholders the confidence that your business is responsibly managing your information security risks. Developing a focus on the key elements of a cyber security framework will strengthen your digital resolve.

By treating your cyber security risk management activities as a part of your business’s overall strategy, you can expect to achieve benefits in many areas, including:

  • Improvement in operational effectiveness and resilience, which in turn increases confidence with clients, customers and partners.
  • Confidence to enter new markets and the ability to tender for clients who require a baseline cyber security standard from their partners.
  • Highly motivated staff members who are satisfied that they have been trained to be able to address the business risks posed by working in the digital age.

Vassallo Associates can work with you to inculcate an effective and culturally sensitive cyber security risk management capability based upon industry good practices. The key considerations for your system must include:

cyber security requirements

Contact us now to arrange a pro bono (no obligation) consultation to discuss your cyber security requirements.

Your contact for Cyber Security advice:

Dan Breger
Principal Consultant
Mobile: +44 (0) 797 167 8039
dan.breger@hvassallo.com


Maritime News

Resolution MSC.428(98) – Maritime Cyber Risk Management in Safety Management Systems encourages administrations to ensure that cyber risks are appropriately addressed in existing safety management systems (as defined in the ISM Code) no later than the first annual verification of the company’s Document of Compliance after 1 January 2021. Are you prepared?

1. Leadership and Culture

Has your organisation recognised the need to integrate procedures for the control of cyber risks into your existing Safety Management System (SMS)?

2. Risk Management

Have you determined your critical assets (both IT and OT), and do you have a view of the threats and vulnerabilities they are exposed to?

3. Security Control Framework

Using a framework such as NIST or ISO 27001, has your organisation established the appropriate protection and detection measures?

4. Response

Do you have a mechanism for monitoring and controlling your security environment, and when things go wrong do you have documented and exercised contingency plans in place?

5. Communications

Do all of your stakeholders (including employees, contractors and suppliers) and customers understand your approach to managing cyber risk, and the roles they are expected to take?

If you are not comfortable that you can answer all of these questions comprehensively, then Vassallo Associates can steer you towards a practicable solution and ensure you can demonstrate compliance with Resolution MSC.428(98) in a timely fashion.

We can help you implement and document the appropriate controls to comply with IMO requirements, and we can provide your stakeholders with the assurance they need.