78% of organisations surveyed reported two or more cyber security threats occurring in 2017.*
Cybersecurity and compliance have been interlinked since the General Data Protection Regulation came into force in May 2018.
Fundamental to compliance are the robust and ongoing technical and physical security measures and assessments carried out on systems and environments to ensure that personal data is adequately protected.
Our experienced team can provide not only the onsite technical assessments necessary but also the environmental, security and training analysis needed to support company policies and procedures.
To create the best value for clients, we would recommend considering obtaining ISO27001 accreditation, with a GDPR analysis conducted at the time of implementation. While ISO27001 does not govern all GDPR requirements, given the significant overlap, this provides clients with the best value while offering an internationally recognised validation of your business's commitment to the management of business data.
*Sensitive Data at Risk: The SANS 2017 Data Protection Survey
Security Audits
A thorough audit typically assesses the security of a system's physical configuration and environment, software, information handling processes, and user practices. The process is an effective way of identifying the weaknesses that are most often exploited in cyberattacks.
A comprehensive security audit is also an important criterion of compliance, both ethical and regulatory. Audits will cover the following:
- Network/Servers
- Internet Access Policy
- Email and Communications Policy
- Network Security Policy
- Remote Access Policy
- BYOD Policy
- Encryption Policy
- Remote Access
GDPR Consultancy
GDPR came into force in May 2018. It emphasises transparency, security and accountability on the part of data controllers and processors, while at the same time standardising and strengthening the rights of European citizens to data privacy.
At the centre of the law is the requirement for organisations and businesses to be fully transparent about how they use and safeguard personal data, and to be able to demonstrate accountability for their data processing activities.
Our team approaches GDPR in phases, keeping the impact on everyday business operations low while delivering measurable progress in your compliance journey.
Our team can provide:
- Gap Analysis
- Template policies and procedures
- Physical & Technical security measures assessments
- GDPR Training workshops on site
- GDPR Online Training
Whether you are beginning your GDPR journey or are considering auditing your business, feel free to speak with one of our team on (01) 291 4525.
ISO/IEC 27001 is the best-known standard setting out the requirements for an information security management system (ISMS), and it helps organisations keep information assets secure.
Being ISO27001 compliant helps your organisation manage the security of assets such as financial information, intellectual property, employee details or information entrusted to you by third parties.
What is an ISMS?
An ISMS is a systematic approach to managing sensitive company information so that it remains secure. It covers people, processes and IT systems, and applies a risk management process to each.
It can help small, medium and large businesses in any sector keep information assets secure.
Resilient Defence can provide your organisation with an external Lead Auditor to help you plan and conduct the compliance process. While existing employees can be trained to become ISO Lead Auditors, there are often challenges around workload balance, conflicts of interest and budgetary restrictions, with timelines extending as everyday priorities take over.
ISO 27001 is a cultural change for organisations wishing to have an internationally recognised Information Security Management System.
Penetration tests are also part of ISO 27001 certification, in that a company must show evidence that a penetration test was conducted and completed successfully.
Why not speak to one of our team about beginning the process of obtaining ISO27001 accreditation?