Getting started
While many businesses may recognise the risks around cyber security, it can be difficult to know where to start.
Cybercrime and threats to computer systems have become a major concern of businesses around the world. Our growing reliance on IT and the internet has greatly increased the impact of hacking, security failures and the loss of systems. At the same time, cyber attackers have become more sophisticated and organised. How worried should businesses be? And what are the main steps they should be taking? This resource centre provides a focal point for ICAEW members looking for support in managing cyber risks.
ICAEW has launched a “safe space” e-community for members to disclose cyber-attacks and discuss cyber-security.
With an NSA employee set for jail time for working on classified information at home, it might be best to keep work at the office.
Charities get help with cyber security through practical new guidance from the National Cyber Security Centre (NCSC).
If stopping processing digital information is out of the question for your business, there is just time to take action and ensure you are GDPR compliant. Alan Calder goes into detail about personal data, lawful basis and information security surrounding the imminent new regulation.
Helpsheet issued by ICAEW’s Technical Advisory Service to help ICAEW members to understand the requirements of the GDPR in relation to a data breach.
Experts from ICAEW offer guidance on what software offers you the best way to meet the requirements of legislative changes, resulting from MTD programme.
There are a number of legal implications that should be considered by both accounting practices and small businesses in the UK before adopting cloud computing services.
Cyber Essentials is a Government-backed and industry supported scheme to guide businesses in protecting themselves against cyber threats. Certification against this scheme is increasingly required for any company bidding for government contracts and sometimes their supply chain too.
Navigating the expanding landscape of information security standards can be a challenge. If you don't know your PCI DSS from your ISO 27001, Lesley Meall's at-a-glance guide can help.
Information security and data privacy are increasingly subject to legal regulation, as well as industry standards.
New and emerging developments of cyber security in the manufacturing sector. Hear from Dr Jane Berney Business Law Manager, ICAEW and Professor Jim Gee, Head of Forensic, cybercrime and counter fraud services, Crowe Clark Whitehill.
This webinar will offer practical advice on GDPR and examine how taking simple steps can reduce the risk of cybercrime against individuals and companies. Hear insights from Dr Jane Berney, Manager, Business Law, ICAEW and Mark Taylor, Technical Manager, ICAEW.
Mark Taylor provides us with practical advice on the adoption of effective and efficient password policies for your business.
The new Data Protection Act 2018 comes into to force on 25 May 2018. It replaces the current Data Protection Act 1998.
GDPR comes into force on 25 May 2018, and members must ensure they are adequately prepared. Here we offer a concise round-up of the key considerations and provide some helpful links.
ICAEW has been working with R3 to produce the following FAQs on the GDPR and how it affects IPs.
There’s more to GDPR than opting in or out of emails you receive, writes CASSL chair William Hughes.
Information security is the branch of risk management that seeks to manage threats to organisational information. There are of course all kinds of information security risks. They all need to be assessed and businesses need to decide how to treat each one. This guide is solely concerned with the mitigation of information security risk.
As an auditor you face the challenge of addressing a burgeoning new form of service delivery that is not directly controlled by the organisation that has entrusted their data to the cloud. This helpsheet is intended to assist internal and external auditors to understand the risks associated with moving organisational activities to the cloud and scope a cloud-based services audit.
This guide is aimed primarily at SME organisations that need an overview of what BYOD (Bring Your Own Device) actually is, how it can be used to the organisation’s advantage and how to start developing their own BYOD and mobile strategy for using and managing mobile devices successfully within their business.
In an IT world without obvious boundaries, Amar Singh explains how to avoid cybercrime and bounce back after an attack.
This article takes a timely look at the importance of IT Continuity Management and its relationship with Business Continuity Management (BCM), its corporate benefits, key business drivers and milestones in the process, the current threats to operations, and the impact it is having on the resilience agenda.
Kirstin Gillon reports from the second of our roundtable series on cyber security, with guest speaker Ian Livingston, exploring how boards are becoming more engaged in the need to protect their business.
With cyber attacks on the rise, the need for businesses to insure against threats is imminent. Arvind Hickman talks to the experts about why prevention is better than cure
In the first of a series of faculty roundtable discussions, information security professionals discuss how boards can help in the fight against cyber risk. This article first appeared in the September/October 2013 edition of Chartech Magazine.