Cyber Security: Essential Principles to Secure Your Organisation

The cyber security landscape is complex and constantly changing. Organisations large and small experience attacks every day, from simple phishing emails to intricate, detailed operations masterminded by criminal gangs, and for every vulnerability fixed, another pops up, ripe for exploitation.

Cyber security doesn’t have to cost vast amounts of money or take a short ice age to implement. No matter the size of your organisation, improving cyber security helps protect your data and that of your clients, improving business relations and opening the door to new opportunities.

This pocket guide will take you through the essentials of cyber security – the principles that underpin it, vulnerabilities and threats and the attackers who use them, and how to defend against them – so you can confidently develop a cyber security programme.

Cyber Security: Essential principles to secure your organisation:

• Covers the key differences between cyber and information security;
• Explains how cyber security is increasingly mandatory and how this ties into data protection, e.g. the Data Protection Act 2018 and the GDPR (General Data Protection Regulation);
• Focuses on the nature of the problem, looking at technical, physical and human threats and vulnerabilities;
• Explores the importance of security by design;
• Gives guidance on why security should be balanced and centralised; and
• Introduces the concept of using standards and frameworks to manage cyber security.

No matter the size of your organisation, cyber security is no longer optional – it is an essential component of business success and a critical defence against the risks of the information age. The only questions left are to decide when and where your journey will begin.

About the Author

Alan Calder is the Group CEO of GRC International Group plc, the AIM-listed company that owns IT Governance Ltd. Alan is an acknowledged international cyber security guru, and a leading author on information security and IT governance issues. He has been involved in the development of a wide range of information security management training courses that have been accredited by IBITGQ (International Board for IT Governance Qualifications). Alan has consulted for clients in the UK and abroad, and is a regular media commentator and speaker.