Cybercrime and threats to computer systems have become a major concern of businesses around the world. Our growing reliance on IT and the internet has greatly increased the impact of hacking, security failures and the loss of systems. At the same time, cyber attackers have become more sophisticated and organised. How worried should businesses be? And what are the main steps they should be taking? This resource centre provides a focal point for ICAEW members looking for support in managing cyber risks.
What more could have been done to lessen the effects of the attack?
Against a background of rising populism, crushing austerity and climate change, infrastructure has suffered. Here, Henry Teitelbaum explains how global risks demand sharper focus on the matter.
Neil Hare-Brown looks at the various ways boards should be empowering effective cyber risk management.
A decade on from the financial crisis in 2008, there are still no coherent guidelines for risk in financial services. Peter Neville Lewis looks at the challenges and provides answers.
This guide provides an overview of a cyber attack response plan. Organisations of all sizes and types should download this plan today in readiness for when a cyber incident takes place. This will help reduce your business risk and improve business resiliency.
How to recover in the event of a data breach. This guide draws on expert insights from our volunteers and members, with some very helpful case studies outlining real life examples – one of which is a ransomware example similar to the scenario above, and where the firm did have a backup.
Use of Cloud services continues to grow rapidly.
Cyber Essentials is a Government-backed and industry supported scheme to guide businesses in protecting themselves against cyber threats. Certification against this scheme is increasingly required for any company bidding for government contracts and sometimes their supply chain too.
Navigating the expanding landscape of information security standards can be a challenge. If you don't know your PCI DSS from your ISO 27001, Lesley Meall's at-a-glance guide can help.
The General Data Protection Regulation (GDPR) came into force on 25 May 2018. It applies to everyone trading within the EEA (including UK individuals and organisations).
ICAEW is collaborating with Deloitte to ensure its members and students have the knowledge and skills to take advantage of the opportunities offered by the fourth industrial revolution and to meet its challenges head on. Log-in to access exclusive content, including: eLearning, webinars and bite-sized summaries on individual technologies and the broader impact of digital technologies on finance.
A short film about cyber threats and how to mitigate the risk
Join Mark Taylor and David Lyford-Smith of ICAEW, and Aynsley Damery of the Clarity Project, for the second in our series of IT Faculty ‘Tech Talks’, this time on the subject of blockchain, cryptocurrencies, and how these will affect the future of the accountancy profession.
Stuart Jubb, MD of Consulting at Crossword Cybersecurity, and Nikki Cole, an experienced Non-Executive Director, discuss the processes that Boards should have in place to manage their cybersecurity risks.
Dr Jane Berney, Business Law manager at the ICAEW and Professor Jim Gee, Head of the Forensic and Counter Fraud Services Team discuss cybercrime and GDPR in the manufacturing sector
The Library & Information Service provides a hand-picked collection of industry press articles as a benefit of membership. If you are unable to access an article, please see our Help and support or contact library@icaew.com
The article offers information on the cyber insurance which provides companies with a layer of protection against potentially debilitating financial damages or data loss incident. It mentions cyber insurance policies can also give businesses access to qualified recovery specialists; and also mentions there are many different types of insurance, including policies covering systems being hacked, data loss, data theft and reputational damage, which is often the biggest issue for bigger companies.
The article highlights the impact of connected technology botnets on the internet of things (IOT) technology. It discusses the role of connected technology in the daily life such as allowing communication with friends and family, keeping up to date with world events, and staying entertained. Topics include exploitation of the connected devices by hackers to harvest sensitive data, send spam and taking control of networks.
The article offers suggestions for increasing corporate cybersecurity efforts for the board. Topics discussed include ineffectiveness of artificial intelligence in preventing cybercrime and data security failures; making sustainable data privacy compliance; and verifying identities and providing access to resources through authentication.
The article focuses on cyber security issues for supply chains. It refers to collective digital developments as the cyber supply chain to improve efficiency, reduce order quantities and reduce lead times. It highlights major efforts in combatting cyber risks in the supply chain and major recent security breaches.
Terms of use: You are permitted to access articles subject to the terms of use set by our suppliers and any restrictions imposed by individual publishers. Please see individual supplier pages for full terms of use.
Guidance on IT management topics for SMEs. Covers the following areas: computer hardware; business software; the internt; communications; IT security; buy and manage IT; IT support; staff and IT training.
Government campaign to raise cyber security awareness. Gives advice on: protecting your device; protecting your data; and protecting your business.
Advice from the National Cyber Security Centre to help protect organisations against cyber attacks. There are three levels of engagement , two of which leads to accreditation for certified cyber security.
Practical guidance for organisations including 10 steps to cyber security. Also provides information on cyber security threats detected in the UK.
ICAEW accepts no responsibility for the content on any site to which a hypertext link from this site exists. The links are provided ‘as is’ with no warranty, express or implied, for the information provided within them. Please see the full copyright and disclaimer notice.
As the GDPR has created fresh challenges for businesses that share personal data with third-party processors, the Tech Faculty offers some practical tips.
This page presents an overview of instructions and guidance for small practices to prepare for Brexit.
Many of you might be tired and weary of hearing about GDPR, data protection and cyber risk. Opt-in, opt-out, updated terms and conditions… the fact that so many businesses have taken different approaches to the way they manage personal data adds to the continuing uncertainty surrounding this area
It has been one year since the implementation of the General Data Protection Regulation. While the initial panic is over, Jane Berney explains what has happened since 25 May 2018
Information security is the branch of risk management that seeks to manage threats to organisational information. There are of course all kinds of information security risks. They all need to be assessed and businesses need to decide how to treat each one. This guide is solely concerned with the mitigation of information security risk.
As an auditor you face the challenge of addressing a burgeoning new form of service delivery that is not directly controlled by the organisation that has entrusted their data to the cloud. This helpsheet is intended to assist internal and external auditors to understand the risks associated with moving organisational activities to the cloud and scope a cloud-based services audit.
This guide is aimed primarily at SME organisations that need an overview of what BYOD (Bring Your Own Device) actually is, how it can be used to the organisation’s advantage and how to start developing their own BYOD and mobile strategy for using and managing mobile devices successfully within their business.
In an IT world without obvious boundaries, Amar Singh explains how to avoid cybercrime and bounce back after an attack.
This article takes a timely look at the importance of IT Continuity Management and its relationship with Business Continuity Management (BCM), its corporate benefits, key business drivers and milestones in the process, the current threats to operations, and the impact it is having on the resilience agenda.
This guide provides an overview of a cyber attack response plan. Organisations of all sizes and types should download this plan today in readiness for when a cyber incident takes place. This will help reduce your business risk and improve business resiliency.
How to recover in the event of a data breach. This guide draws on expert insights from our volunteers and members, with some very helpful case studies outlining real life examples – one of which is a ransomware example similar to the scenario above, and where the firm did have a backup.
Kirstin Gillon reports from the second of our roundtable series on cyber security, with guest speaker Ian Livingston, exploring how boards are becoming more engaged in the need to protect their business.
With cyber attacks on the rise, the need for businesses to insure against threats is imminent. Arvind Hickman talks to the experts about why prevention is better than cure
In the first of a series of faculty roundtable discussions, information security professionals discuss how boards can help in the fight against cyber risk. This article first appeared in the September/October 2013 edition of Chartech Magazine.