Cybersecurity Assurance for Boards
If you’re involved in the governance of a company, charity, or school, you’ll be aware of the importance of Cybersecurity. It will probably be one of your top strategic risks. You’ll know of the increasing prominence it gets from regulators, customers, and partners. But do you understand the extent of the risk to your organisation specifically? Do you understand what your technical Cyber people are telling you? Do you know if you’re dedicating enough resource and effort towards limiting the risk? Do you know how you should fulfil your responsibilities for oversight of such a complex and rapidly changing risk?
We can help. With over a decade of managing the Cyber risk in high-profile organisations attracting interest from capable attackers, we understand how the language of Cybersecurity can be confusing and the concept nebulous. We know what works in helping Boards and senior business leaders to gain real insight into the extent of the risk and how well their organisation is dealing with it.
What can we do for you?
· Help your Board to understand cyber and general security risks and their mitigations.
· Advise on meeting corporate governance expectations and regulatory compliance on Cybersecurity.
· Advise on integrating Cyber risk mitigation into an overall security strategy.
· Advise on organisation, skills, and technology arrangements for managing security and Cyber risks.
· Carry out effective post-incident reviews and make achievable recommendations.
· Mentor senior Cybersecurity managers in leadership.
Case Study
A review of your organisation’s Cybersecurity effectiveness will be delivered through engagement with senior leadership and direct technical review with your IT team or other relevant staff. This conversation will be based on our practical experience rather than on a formal security framework, as such frameworks, in our view, pay insufficient attention to the balance between risk mitigation and business objective priority. A report will be prepared and delivered, in clear business language, to your Board or Executive leadership. At your request, the report can be supplemented with a series of recommendations both for governance and for your technical teams.
On average, and depending on the complexity of your IT systems and their Cybersecurity, discovery will take 5-10 days, with report preparation taking another 5. Most of the discovery will be in person at your premises, although Teams or similar is available for convenience.