Though the examples in the video focus on the UK, the same principles apply to non-UK residents. For Australian residents, we recommend looking at https://www.cyber.gov.au/.
Please find links below to the following resources to aid you when shaping your cyber strategy:
Key 1: Board Mandate
Consider the 5 key questions for your board’s agenda which you can find on the NCSC site here
We’ve also designed a 1 pager handout with these same questions to see how well your organisation performs
Are there any areas you need to focus on as a priority?
Step 1 is to establish a risk process and consider the following controls. Of the 10 areas in this framework, which areas are strengths and which are weaknesses for your organisation?
Detailed guidance on risk management and cyber security can be found here
Key 4: Pay off Technical Debt
Consider the 5 key areas of cyber essentials which can be found here.
Has your organisation taken all of these essential technical security steps?
Is cyber essentials certification something that your organisation has considered to demonstrate to key stakeholders that your business is cyber secure?
If you would like to consider Cyber Essentials further, please contact cyber@waterstons.com
Key 5: Develop a Cyber Resilient Culture
Consider the 5 stages of the cyber resilience journey in the above video. Where would you place your organisation? Where do you want to be?
We believe that establishing regular security forums or similar meetings is a great way to develop a positive security culture and avoid a temporary project-based approach. What steps could your organisation take to consider cyber security on an ongoing basis?
