Opportunistic attackers do not differentiate between large and small companies when identifying a vulnerable target, however they are more likely to be successful when launching an attack against a small business.The impact of a cyber security breach on a small business can be greater than on a large enterprise; more than the cost of recovery from the breach itself the reputational impact or loss of business can be crippling.
The May 2016 HM Government Cyber Security Breaches Survey, further highlights how cyber security is not just an IT issue and must extend into the boardroom and into the supply chain. With this in mind SMEs that supply large organisations can find themselves under increasing pressure to demonstrate how they manage cyber security risk for example through compliance with standards.
Virtual Security Manager Service
Managing the cyber security posture of any organisation is not a one-off or annual activity. Even the smallest of businesses must monitor their environments, maintain awareness of vulnerabilities and ensure that they following their own policies in order to run an effective information security management system.
Our Virtual Security Manager Service allows organisations to concentrate on their core business whilst keeping on top of their security posture. A Virtual Security Manager can provide the following services:
- Regular vulnerability scanning (bi-monthly, monthly or quarterly)
- Regular review meetings (monthly or quarterly); covering security incidents, policy compliance, vulnerabilities and patching, changes in risk
Website Vulnerability Scanning
Many small businesses rely on websites to promote their products and brand; quite often the task of developing and hosting a website is given to a specialist web development company. Where these specialist companies will have expertise in the site design and build aspects they may not necessarily have the same level of expertise in applying controls to defend against common cyber attacks.
Our Website Vulnerability Scanning service is designed to provide businesses with an independent view of the security posture of their website allowing them to take remedial action where necessary or to give them assurance that their site is protected appropriately within their appetite to risk.