Cybercrime and threats to computer systems have become a major concern of businesses around the world. Our growing reliance on IT and the internet has greatly increased the impact of hacking, security failures and the loss of systems. At the same time, cyber attackers have become more sophisticated and organised. How worried should businesses be? And what are the main steps they should be taking? This resource centre provides a focal point for ICAEW members looking for support in managing cyber risks.
The National Cyber Security Centre explains the importance of government and industry working together to reduce the impact of cyber threats to the UK.
Using malware to get money from people can actually be quite difficult. Leo Waldock details the pitfalls in trying to use malware, and some ways in which we can prevent people from blackmailing us.
There is a new safe space online where members can discuss digital security concerns in the accounting profession. Nina Bryant reports on how the new ICAEW group within the Cyber Security Information Sharing Partnership works.
A wave of ransomware attacks on European companies is causing a boom in cyber insurance claims, according to figures from AIG.
This example password/pass phrase policy could be used by an organisation to help protect client and employee data. It is jointly published by ICAEW's Business Law and IT Faculty.
FAQs for insolvency practitioners on the General Data Protection Regulations (GDPR).
Helpsheet issued by ICAEW’s Technical Advisory Service to help ICAEW members to understand the requirements of the GDPR in relation to a data breach.
Cyber Essentials is a Government-backed and industry supported scheme to guide businesses in protecting themselves against cyber threats. Certification against this scheme is increasingly required for any company bidding for government contracts and sometimes their supply chain too.
Navigating the expanding landscape of information security standards can be a challenge. If you don't know your PCI DSS from your ISO 27001, Lesley Meall's at-a-glance guide can help.
The General Data Protection Regulation (GDPR) came into force on 25 May 2018. It applies to everyone trading within the EEA (including UK individuals and organisations).
Stuart Jubb, MD of Consulting at Crossword Cybersecurity, and Nikki Cole, an experienced Non-Executive Director, discuss the processes that Boards should have in place to manage their cybersecurity risks.
Dr Jane Berney, Business Law manager at the ICAEW and Professor Jim Gee, Head of the Forensic and Counter Fraud Services Team discuss cybercrime and GDPR in the manufacturing sector
In this webinar, cyber security expert George Quigley, offers advice on how practitioners can keep their own data secure, plus what advice and services they could offer to their clients to help them keep their data secure.
The Library & Information Service provides a hand-picked collection of industry press articles as a benefit of membership. If you are unable to access an article, please see our Help and support or contact library@icaew.com
The article offers information on the importance for businesses to report cyber crime. Data breach investigations show that some organizations can take months or weeks to discover a cyber attack, but some are identifiable such as ransomware and distributed denial of service attacks.
The article focuses on information technology management strategies that businesses implement to protect their computer networks from cyber attacks. Topics include rise in investments made by companies in cloud computing; views of Corey Nachreiner, chief technology officer (CTO) at WatchGuard Technologies, on changes in strategies due to cloud, virtualisation and mobile computing technologies; and Slack's reliance on a range of traditional network security mechanisms to tackle cyber crime.
The article offers information on the efforts of chief information security officers (CISOs) to manage the cyber security risk. Topics discussed include need of security spending budgets; information on the risk-based approach to cyber security as part of enterprise risk management; the information technology risks and strategy; and communication between the board risk commitee and the CISO.
The article focuses on the new role the chief financial officer (CFO) can play in this new age of digital disruptions, constant hacking and other major corporate risks.
Terms of use: You are permitted to access articles subject to the terms of use set by our suppliers and any restrictions imposed by individual publishers. Please see individual supplier pages for full terms of use.
Government campaign to raise cyber security awareness. Gives advice on: protecting your device; protecting your data; and protecting your business.
Advice from the National Cyber Security Centre to help protect organisations against cyber attacks. There are three levels of engagement , two of which leads to accreditation for certified cyber security.
Practical guidance for organisations including 10 steps to cyber security. Also provides information on cyber security threats detected in the UK.
Free expert advice from the Government supported public/private partnership. Personal and business guidance is provided in areas such as hardware, information security, online safety and security, rules, guidelines and procedures, software and ways of work.
ICAEW accepts no responsibility for the content on any site to which a hypertext link from this site exists. The links are provided ‘as is’ with no warranty, express or implied, for the information provided within them. Please see the full copyright and disclaimer notice.
Can technology boost audit quality and solve the crisis in the audit profession? Lesley Meall explores some possibilities.
Brexit and data protection – what you need to know and how to prepare your business.
If you so much as gather or store customer, supplier, or employee data, including sensitive information like payment details, you have a cyber risk exposure, and a breach of personal data can be especially harmful, says insurance broker Bluefin.
General Data Protection Regulation projects have consumed precious resources, but they have also given accountants an opportunity to make their organisations more efficient. Lesley Meall details some real-life examples
Information security is the branch of risk management that seeks to manage threats to organisational information. There are of course all kinds of information security risks. They all need to be assessed and businesses need to decide how to treat each one. This guide is solely concerned with the mitigation of information security risk.
As an auditor you face the challenge of addressing a burgeoning new form of service delivery that is not directly controlled by the organisation that has entrusted their data to the cloud. This helpsheet is intended to assist internal and external auditors to understand the risks associated with moving organisational activities to the cloud and scope a cloud-based services audit.
This guide is aimed primarily at SME organisations that need an overview of what BYOD (Bring Your Own Device) actually is, how it can be used to the organisation’s advantage and how to start developing their own BYOD and mobile strategy for using and managing mobile devices successfully within their business.
In an IT world without obvious boundaries, Amar Singh explains how to avoid cybercrime and bounce back after an attack.
This article takes a timely look at the importance of IT Continuity Management and its relationship with Business Continuity Management (BCM), its corporate benefits, key business drivers and milestones in the process, the current threats to operations, and the impact it is having on the resilience agenda.
Kirstin Gillon reports from the second of our roundtable series on cyber security, with guest speaker Ian Livingston, exploring how boards are becoming more engaged in the need to protect their business.
With cyber attacks on the rise, the need for businesses to insure against threats is imminent. Arvind Hickman talks to the experts about why prevention is better than cure
In the first of a series of faculty roundtable discussions, information security professionals discuss how boards can help in the fight against cyber risk. This article first appeared in the September/October 2013 edition of Chartech Magazine.