News & Blogs
IASME in the Press
SC Congress: 'GDPR is a measure of just how seriously we take data' - SC Magazine, 10th February 2016
The growth of cyber crime: how well is your client data protected? - Lexology, 13th January 2013
The ghost of Windows XP still haunts SMBs - IT PRO, 12th November 2015
Cyber security industry urged to engage with SMEs - Computer Weekly, 11th November 2015
ISSE Berlin: Most SMEs do nothing about cyber-security - SC Magazine, 10th November 2015
Supplier must do more on cyber security, say buyers - Supply Management, 10th November
How to stop cyber-attacks on your organisation - The Guardian, 14th October 2015
Uniting against the threat - BQ Live, 31st August 2015
Essential Protection - CHARTECH, ICAEW March 2015
What the internet of things means for businesses: 10 things we learned - The Guardian, 21st July
How relevant is Cyber Essentials to your business proposition? - SC Magazine, 9th July 2015
The expert's step by step guide to cyber security - The Guardian Small Business Network, 2nd April 2015
Primary School Achieves Cyber Essentials Certification - SC Magazine, 26th March 2015
SMEs and big companies - Friends or Foes? - The Great Business Debates , 25th March 2015
FireEye Achieves Certification Within UK Cyber Essentials Scheme - MarketWatch, 19th January 2015
Malvern Hosts Cyber Training - FT, 30th September 2014
UK's first cyber essentials course to be held at Malvern - Worcester News, 30th September 2014
AIG press release about included cyber liability insurance for small companies - 20th September 2014
Britain's small cyber security firms get £4m boost - 16th September 2014
AIG offers SME protection against "hacktivists" with new cyber product - 15th September 2014
Information assurance certification gives SMEs the edge - 9th May 2013
Computer Weekly European User Awards for Security: Winners - 3rd May 2013
Chloe Smith MP keynote speech at Infosec 2013 - 23rd April 2013
ICT Knowledge Transfer Network - 27th March 2013
My News Desk - 11th March 2013
Financial Times - 25th February 2013
Vigilance Security Magazine - 14th February 2013
An Analysis of Barriers to Data Security in Small and Medium Sized Enterprises by Daniel Banks, Staffordshire University. Supervisor: Euan Wilson. Final Report for MSc in Professional Computing.
This research paper provides an insight into the reasons given by SMEs why they are reluctant to address cyber security. The findings broadly support claims in the literature that smaller businesses have a more limited approach to data security when compared to their larger counterparts. However, the findings also suggest that there is little relationship between levels of data security and number of business contacts – indicating that well connected SMEs might pose the biggest risk to larger businesses and the national infrastructure.
Based on results from Principal Component Analysis, the key barriers to improved data security in SMEs appeared to focus around the two components of data protection knowledge and risk perception. It is therefore contended that initiatives should focus on improving knowledge and risk assessment capabilities – especially as we approach a new age of mandatory data breach notification.
IASME: Information Security Management Evolution for SMEs: Henson, Richard and Dresner, Daniel and Booth, David (2011) IASME: Information Security Management Evolution for SMEs. In: ATINER 8th Annual International Conference on Small & Mediun Sized Enterprises: Management - Marketing, 1st - 4th August 2011, Athens
Information Assurance and SMEs: Research Findings to inform the development of the IASME model: Richard Henson, Senior Lecturer in Computing and Knowledge Transfer Fellow in Information Security, University of Worcester and David Booth, CESG Senior Consultant (retired).
SMEs, Information Risk Management, and ROI: Henson, Richard and Hallas, Bruce (2009) "SMEs, Information Risk Management, and ROI". In: Athens Institute for Education and Research (ATINER) SMEs Conference 2009, 10th-13th August 2009, Athens, Greece
General Articles of Interest
HMG to promote cyber security standards. See more information here.
Highlights for the Board - The ICO has now issued very comprehensive advice for organisations using personal devices (BYOD e.g. laptops, tablets, smartphones etc.) in the course of business. The key message is that the data controller must remain in control of the personal data for which he is responsible, regardless of the ownership of the device used to carry out the processing. This means you can be in breach of the Data Protection Act if personal information is compromised while stored on any BYOD personally owned device used by you or your staff (in an email, document or anything else). This makes it particularly necessary to keep firm control of the use of these devices, have a clear policy and ensure all employees follow it.
We must all take our Cyber Security seriously - The Observer
Leading Companies Adopt New Security Tools - Computer Weekly