A global cyber security company, which is headquartered in Guernsey, has advised companies not to respond in haste to recent incidents and to not commit to expensive security programs, which may fail to achieve their desired outcome, without first understanding their current security position.
Mike Allen, director of global specialist security company West Sealand International (WSI), said the concern was that the considerable amount of media coverage around General Data Protection Regulation could lead to companies committing to expenditure that does not support their strategic intent and which does not contribute to a minimisation of risk.
He is advising businesses to self-assess first so that they understand their starting position, and have a clear understanding of their areas of risk, which then allows them to direct and reframe negotiations with potential suppliers.
‘The changes to privacy and Data Protection legislation are considerable and will have a significant impact on business in the Channel Islands. There can be no doubt that businesses need to do more, but they need to first identify their current situation and areas of risk,’ he said.
David Crook, director of West Sealand Digital, said that cyber criminals don’t just target large organisations. A 2015 UK Government survey stated that 74% of SMEs had suffered a breach with the average cost to companies being between £75,000 and £311,000.
‘Anyone who has data is at risk, it isn’t just those companies in financial services who need to ensure that they have taken adequate precaution. Many SMEs don’t have the budget and the resources to employ a full-time cyber security expert, and don’t have the expertise to select which of the huge range of software and hardware products designed to protect a company’s system from attack is right for them,’ he said.
‘A self-driven, escorted evaluation of their current risk, equips most companies with the knowledge they need to have an informed discussion with potential suppliers and to target the areas from which they will derive the maximum benefit.’
West Sealand Digital (WSD), a WSI company, operates from Guernsey. Since the acquisition of Ascot Barclay Group by WSI and its rebranding, WSD has experienced significant expansion and now has consultants in Scandinavia, United Kingdom, and Saudi Arabia. The group offers a 360-degree approach to security from security masterplan design and security consultancy to specialist training services, technology and cyber security.
WSD has recently been chosen by Crossword Cybersecurity plc, a technology commercialisation company focusing exclusively on the cyber security sector as an approved partner for its cyber risk assessment tool Rizikon. It uses a Dynamic Attack Path Analysis algorithm, which is based on research carried out at the Centre for Cyber Security Sciences at the University of London, and assesses the probability of successful attack by each of seven paths which an attacker could try and breach a company.
‘We were really impressed by Rizikon as the control remains with the user. Through a simple to use, online questionnaire, it quickly builds up a cyber risk profile and GDPR Readiness. It collects that information and then produces a tailored report which either verifies that systems are appropriate or shows where the risks lie so that they can be managed effectively and efficiently,’ said West Sealand Digital director Nigel Dufty.
‘Because it’s the company answering the questions independently, their responses are measured not against a desire to sell product, but to highlight and mitigate risk. The system generated report delivers a confidential analysis of a company’s position and provides a board with the information they need to make informed decisions. West Sealand International is delighted that we have been chosen as a trusted partner to offer this low-cost but highly effective tool to the Channel Islands.’