Posted 07 September, 2021 at 12:39
Here at H2 we talk a lot about targeting your spend to ensure that your money is spent on protecting what is really important to you, ensuring that such protections are in the right place, configured to protect what really needs protecting, are maintained correctly and are of course, effective. So how do you do that? Do you just take a good guess at what is needed? Of course not, but it’s still a valid question. Did whoever built your network install a firewall, did they set up an effective anti malware regime ie one that is constantly updated using a process whereby users can’t stop it if it becomes inconvenient? That happens, believe me. And these are just a couple of issues that need to be addressed on going.
Your biggest business asset is your information. It is this that cyber attackers are after, be this financial information, confidential information, or business sensitive information.
Unfortunately, many businesses don’t understand the true value of their information, leading to a ‘one size fits all’ approach to cyber security which typically means some information is over protected whilst other data is under protected, both of which have monetary and threat implications. H2 has developed an industry leading Tri0ple A (Affordable, Appropriate and Accreditable) risk assessment process to remedy this, and to ensure that your information is effectively protected at the right cost. This is called the Information Risk Assessment and Management (IRAM) process.
But how do you do this? Where to start? He IRAM process works as follows:
If you have a system to help you with this, then that really is the way to go. H2 has partnered with Secure Business Data to enable us to use, and where appropriate, to sell 27K1 ISMS. This is a risk assessment tool that is specifically targeted at SMEs and is therefore very competitively priced. It can come with an annual or a monthly fee, however you prefer. We have adopted this system for use with our IRAM Service.