Understanding the Risks
In the face of constantly changing technology, it is becoming increasingly difficult for businesses to protect their key information assets and IT infrastructure. If your business stores personal data you may be a target from outsider attacks and have a legal obligation to ensure that this data is stored and managed securely.
“33% of small business were attacked by an unauthorised outsider in the past year”
The 2014 IT security survey conducted by PWC and commissioned by the Department for Business Innovation & Skills found that 33% of small business were attacked by an unauthorised outsider in the past year. More details on the 2014 Information Security breaches Survey report conducted by PWC can be found hereAlthough the number of security breaches affecting UK businesses has slightly decreased overall to 81% for large businesses and 60% for small businesses from 2013, the scale and cost of individual breaches has nearly doubled for small businesses with the average cost between £65k – £115k for their worst security breach incident. It is now apparent that cyber threats are a real risk for all businesses.
If your IT network is not secure can you afford to take the risk?
From a cost-benefit perspective, businesses that suffered a breach during the last year spent on average less of their IT budget on security than those that did not, with remediation actions after the breach forming the largest part of this spending. This suggests that businesses who have invested more in security defences have fewer breaches. Therefore given the rising costs of these breaches, under investment in security seems to be a false economy.
What Can We Offer
Being a proven security consultancy provider we have the skills and experience to asses you current security level. We can provide various packages from a high level office based risk assessment to a comprehensive technical and managerial review to suit both your size and budget. Once complete, we will provide you with a full report documenting the findings using a rating scale to suite and defining any remediation requirements.
The following services we offer have been tailored from our extensive experience in this field:
Free Network Vulnerability Scan
Using industry recognised tools and methodologies, our team of security professionals will perform a network vulnerability scan to evaluate the perimeter of your IT networks and provide you with an executive report on your overall security status.
Logical Security Review
As well as Vulnerability Scanning and Penetration Testing, AC Assure can also provide a more comprehensive review of your technical controls. We can assess your patching and update system, backup systems, server and workstation configurations and also your development processes. We can also assess your policies and procedures to ensure your not only secure now, but have the process in place to safeguard your security in the future.
Formal Security Assessment
The assessment will take place at the designated site and will be completed against a predefined set of standards. This may be an industry standard or one defined by our expert security consultants. This can include physical or logical security and is completed explicitly with full staff awareness. On completion of the assessment, AC Assure will provide a both a verbal debrief and a formal report recording any findings and any required remediation actions.
Detailed Security Assessment
In addition to the Formal Security Assessment described above, we will complete a more comprehensive assessment. We will look into the technical, physical and administrative controls to a much greater depth. We will also complete some Social Engineering techniques and complete a review of your Incident Management and Business Continuity plans.
Supplier or 3rd Party Assessment
Integration with other parties always includes risk. Indeed, some of the more well known security exploits of larger corporations have come from vulnerabilities in 3rd parties. To give you piece of mind and the confidence to trust another organization before you commit, AC Assure can complete a security assessment tailored to the particular integration. Having expertise in the security field, AC Assure can focus the review to the parts of the 3rd party holding your data and any extra exposure created by the business connection.
Physical Security Review
We will complete a full on-site review of the physical security of your organisation. This can include such tasks as reviewing your CCTV monitoring, review of your security guard configuration, evaluation of your pre-employment background checks and verifying your physical building security such as door and safe lock types.