The COVID-19 crisis has escalated the risk of malicious cyber attacks as organisations large and small increase their reliance on remote working and online services. This page gathers together ICAEW insights and externally-produced resources providing practical advice on how to keep your IT systems and networks safe.
Clear and concise explanations are given for the most common IT security expressions, phrases, acronyms and jargon.
Find out whether you should consider encrypting your data, how encryption works in practice and what types of appropriate technical and organisational measures are common.
This example password/pass phrase policy could be used by an organisation to help protect client and employee data. It is jointly published by ICAEW's Business Law and Tech Faculty.
This is the fifth in the series of Audit insights: cyber security reports. It focuses on the substantial gap in cyber security maturity levels caused by complex legacy IT environments and how business needs to adopt a smarter approach to cyber security laws and standards.
While the fundamentals on how to protect yourself, your business and your clients remain essentially unchanged, the context in which we write about them continues to shift. Cyber criminals are always finding new means of attack and we all need to keep up to keep them out.
Features and articles
Sometimes the parting of the ways is amicable and smooth – and sometimes it is bumpy and can leave a nasty taste in the mouth!
Making sure your digital systems are secure is at the heart of risk mitigation, and it’s a conversation that needs to be held at board level, says Peter Lannon.
2019 seemed particularly bad for large-scale disruptive events, and it was, until 2020 and COVID-19 came along.
The term "stay alert" is something we have all become accustomed to in recent months as we continue through the implications of the current pandemic.
Covid-19 is creating exceptional circumstances and while the country adjusts to life under lockdown, criminals are identifying ways to exploit the vulnerable at this time of uncertainty.
Criminals thrive in times of uncertainty and fear, and the UK’s National Cyber Security Centre (NCSC) has already reported an increase in cyber threats which refer directly to the coronavirus. This guide outlines the key steps to basic cyber hygiene and highlights some useful resources.
The Data Protection Act 2018 (DPA 2018) came into force on 25 May 2018 to replace the Data Protection Act 1998. It sits alongside the General Data Protection Regulation (GDPR). This guide is part of a series that explain some of the new or more difficult concepts introduced by the DPA 2018 and the GDPR.
Finance in a Digital World
ICAEW is collaborating with Deloitte to ensure its members and students have the knowledge and skills to take advantage of the opportunities offered by the fourth industrial revolution and to meet its challenges head on. Log-in to access exclusive content, including: eLearning, webinars and bite-sized summaries on individual technologies and the broader impact of digital technologies on finance.
Webinars and recordings
40% of crime in the UK is cyber related, and within the last year there has been a spike due to COVID-19. Join this webinar to hear Jim Gee's advice on how to keep your organisation safe against the threat of cybercrime.
This webinar will highlight the five steps smaller firms can take to help prevent 80% of cyber-attacks and improve the cyber security of their firms and clients.
Gain practical advice on how to be aware of vulnerabilities and threats, securing your data and recovering from a data breach.
A short film about cyber threats and how to mitigate the risk
The Library & Information Service provides a hand-picked collection of industry press articles as a benefit of membership. If you are unable to access an article, please see our Help and support or contact firstname.lastname@example.org
Article describes how it is necessary to combine unified threat management (UTM) with other security systems and that a Chief Information Security officer (CISO) is essential to defend against cyber threats.
The authors compare two technologies; blockchain and Electronic Data Interchange (EDI) which can both be used to address an organisation's data management needs. An in-depth understanding of these needs and the available options is required.
Article looks at the Europe-wide shortage of skilled cyber security workers and what the UK Government is doing to address this shortage and whether this is enough.
The article offers information on several human factors to secure digital transformations and suggests that sourcing the latest cyber security technology to support digital transformation projects is meaningless if you fail to address your organisational culture and the people in it.
Government campaign to raise cyber security awareness. Gives advice on: protecting your device; protecting your data; and protecting your business.
Advice from the National Cyber Security Centre to help protect organisations against cyber attacks. There are three levels of engagement , two of which leads to accreditation for certified cyber security.
Practical guidance for organisations including 10 steps to cyber security. Also provides information on cyber security threats detected in the UK.
Free expert advice from the Government supported public/private partnership. Personal and business guidance is provided in areas such as hardware, information security, online safety and security, rules, guidelines and procedures, software and ways of work.
ICAEW accepts no responsibility for the content on any site to which a hypertext link from this site exists. The links are provided ‘as is’ with no warranty, express or implied, for the information provided within them. Please see the full copyright and disclaimer notice.
Data protection and privacy
A guide to the current position on transferring personal data to the US following the Schrems II judgement.
The latest updates on Data Protection.
Update July 2020.
Some of the questions and issues facing data controllers now, with regard to the COVID-19 pandemic and data protection rules, are answered by the Business Law Department.