Data and information systems are constantly under threat of a cyber-attack or data security breach. Such events could result in the loss of sensitive data, loss of data integrity or damage to the IT infrastructure and its systems, with significant consequences for your organisation’s reputation and day-to-day business operations. With the implementation of the General Data Protection Regulation (GDPR) in May 2018, companies can now face a maximum fine of 4% of company turnover in the event of a breach, and pressure to report a breach within 72 hours of discovery.
Public sector organisations are particularly at risk, as they tend to hold far more data than the private sector, and this information is often our most personal details, stored on older, more vulnerable systems. Cyber criminals accessing public sector information can have far-reaching consequences, affecting the delivery and continuity of crucial public services. It is a case of when, not if, a breach will happen. Although it is not possible to totally eliminate cyber risk, there are steps that you can take to protect your financial assets, your personal data and your reputation. A cyber risk assessment will help you to define the information that you need to protect and identify any vulnerable areas that need attention. By addressing the issues, highlighting the risks and putting mitigating steps in place, your organisation can be confident that when a breach occurs you can deal with the consequences quickly and effectively, limiting any damage.
The assessment will enable your organisation to identify information security weaknesses in your IT infrastructure, systems, policy and procedure. The weaknesses will be documented and remedial actions and methods proposed to eliminate or significantly reduce the threat or breach.
Building from your Cyber Essentials baseline, we will help you to identify and resolve other key areas of your risk exposure, such as data protection and supplier assurance. The assessment will include the following steps:
Gallagher Bassett has a partnership arrangement with Broadgate Consultants for the provision of a Cyber Risk Health Check. This service falls outside of the elective day’s arrangement and there is a fee payable for this service. The Health Check provides clients with a brief review of their current cyber protection levels and provides them with recommendations to strengthen their cyber resilience. The Health Check itself will be a blend of meetings, an online assessment, a review of existing documentation and a final report presentation.