GCHQ has a 4p strategy for turning the UK into a world leader in the battle against cyber crime, but how does this relate to the majority of UK business’s who just want to get on and do what they do best?
It you are a technology business, you’re likely already well entrenched in the 4p’s but if you’re not, 2 of GCHQ’s 4p’s are still relevant and should be part of any business’s IT and risk management strategy.
1. Protect – if you don’t advertise the fact that you take protecting your digital assets seriously, you effectively mark your business out as a potential easy opportunity to a cyber attack. This is the modern day equivalent of a criminal walking down the street looking to see who hasn’t got a security alarm fitted to their house and you won’t know that they have driven by until it’s too late.
So take the risk seriously and start asking questions about what you can do, take some action to protect your business and importantly, communicate that you have taken action to your customers & the world. (Because that’s includes the criminals driving by.)
The Government and GCHQ backed Cyber Essentials scheme lays out the practical measures you can take to protect your business information assets.
2. Prepare – You now have a security alarm prominent on the front of the house, but you would you leave your valuables out on the kitchen table? No, of course not, because a security alarm is no guarantee that someone won’t break in. Likewise no amount of money spend on firewalls and anti-malware software will ever be enough to create a hermetic seal around your business. If a government agency wants to hack your business, they will, so in reality you should be prepared for such an event and take reasonable steps to protect and conceal what’s inside.
Accepting that your business security may be compromised is the first step towards implementing a series of internal network security protections that have been properly thought through and actioned.
Again, follow on from your Cyber Essentials work with a risk assessment to identify your valuable data assets and take steps to lock those assets down.
So our advise – listen to GCHQ and put your business out of the reach of the worlds cyber criminals and their vision for the UK may be realised after all.
Keeping British business safe.