Cyber Certifications: Gold Dust or Fool's Gold?
How much do Cyber certifications, such as Cyber Essentials Plus and ISO 27001, truly protect your organisation from the modern and ever-changing Cyber threat landscape?
You may often be asking yourself, “how safe is my business?” Or more pertinently, “how safe are the IT systems, infrastructure and data on which my business depends?” This is the question which any organisation has to ask itself in 2020 and the answer to the question – if it’s asked and dealt with honestly – is sadly often ‘Not as safe as we would like to think it is’.
There are many reasons for this, not least the ever-changing nature of the threat from Cyber criminals. Ironically, every technological step forward which makes an organisation easier to run and security controls simpler to maintain also arms the hackers and criminals with ever more sophisticated means of counteracting those security controls.
Another major factor which leads to many organisations being nowhere near as well protected as they might assume is, paradoxically, the number and perceived effectiveness of the many Cyber certifications and compliances which now operate across a range of industries and technology sectors. Often seen as the gold standard, certifications such as Cyber Essentials, Cyber Essentials Plus and ISO 27001 are, all too often, the benchmark against which organisations measure their Cyber security and, having been met, are treated as a panacea.
The question which needs to be asked is whether, in a landscape of ever-changing security requirements, with factors such as cloud computing, AI and the Internet of Things (IoT) altering and expanding the nature and number of threats to be dealt with, a single certification – or even a set of overlapping certifications – can still be considered the ultimate resolution to the issue of Cyber security.
This white paper looks at the general scale and nature of the global Cyber crime risk, the specific factors which newer technologies are introducing to the equation and, most vitally, the steps which need to be taken over and above gaining mainstream Cyber certifications in order to safeguard an organisation.
About Katy Hinchcliffe
Littlefish Head of Cyber Security, Katy Hinchcliffe, is a highly regarded and award-winning Cyber Security leader. With over a decade’s experience delivering a broad range of Cyber Security services to enterprise clients for global IT outsourcer Capgemini, notably managing the prevent, detect and respond functions on behalf of Rolls-Royce, Katy is now responsible for leading Littlefish’s Cyber Security practice.