Data and information systems are constantly under threat of a cyber-attack or data security breach. Such events could result in the loss of sensitive data, loss of data integrity or damage to the IT infrastructure and its systems, with significant consequences for your organisation’s reputation and day-to-day business operations. With the implementation of the General Data Protection Regulation (GDPR) in May 2018, companies can now face a maximum fine of 4% of company turnover in the event of a breach, and are under pressure to report a breach within 72 hours of discovery.
Public sector organisations are particularly at risk as they tend to hold far more data than the private sector, and this information is often our most personal details, stored on older, more vulnerable systems. The impact of cyber criminals accessing public sector information can have far-reaching consequences, affecting the delivery and continuity of crucial public services.
It is a case of when, not if, a breach will happen. Although it is not possible to totally eliminate cyber risk, there are steps that you can take to protect your financial assets, your personal data and your reputation. A cyber risk assessment will help you to define the information that you need to protect and identify any vulnerable areas that need attention. By addressing the issues, highlighting the risks and putting mitigating steps in place, your organisation can be confident that when a breach occurs you can deal with the consequences quickly and effectively, limiting any damage.
The assessment will enable your organisation to identify information security weaknesses in your IT infrastructure, systems, policy and procedure. The weaknesses will be documented and remedial actions and methods proposed to eliminate or significantly reduce the threat or breach.
Building from your Cyber Essentials baseline, we will help you to identify and resolve other key areas of your risk exposure, such as data protection and supplier assurance. The assessment will include the following steps:
Gallagher Bassett has a partnership arrangement with Broadgate Consultants for the provision of a Cyber Risk Health Check. This service falls outside of the elective day’s arrangement and there is a fee payable for this service. The Health Check provides clients with a brief review of their current cyber protection levels and provides them with recommendations to strengthen their cyber resilience. The Health Check itself will be a blend of meetings, an online assessment, a review of existing documentation and a final report presentation.