Basket £ 0.00 (0 items)
You are here: HomeSolutionsBy IT Issue › Risk Management

Risk Management

An organisation can be at risk from many sources and it not just IT. The recent UK floodings, bombings and terrorist attacks have also had their impact and it is essential that organisations have plans in place to deal with the aftermath – should these disasters occur.

Fundamentally, you need to understand where your real risks lie and how you mitigate them. Consider your primary business assets, not forgetting your information assets. This is where ICT risk management is often misplaced; it is relatively easy to replace hardware, but the information stored thereon may have taken years to design or accumulate. Your main options are to: prevent the risk – stop it happening; reduce the risk – reduce the impact if it does happen; or transfer the risk – bluntly put – make it someone else's problem!

Tesco Bank theft shows need to take cyber security more seriously - 15 Nov 2016

From Cyber theft from 20,000 compromised Tesco Bank current accounts shows traditional approaches to security are not working and that companies are not taking the threat seriously enough, according to experts. Tesco Bank halted online banking after 40,000 current accounts were compromised and half of those were hit by ... read more..

BAE releases online cyber risk tool assessor - 11 Oct 2016

From SC Magazine A new online cyber risk tool has been produced to allow organisations to assess their cyber security strengths and weaknesses. The tool has been created in response to research from BAE Systems that reveals weaknesses in UK cyber security measures that are putting businesses at risk. It ... read more..

These ransomware tricks fool the most hardened security pro - 30 Sep 2016

From CIO Ransomware quite often targets businesses (for example hospitals) rather than individuals. Corporations have more valuable data and more money for ransom (ransom increases from roughly $500 per computer to $15,000 for the entire enterprise). Cyphort has examined different variants of ransomware to help users get an idea of ... read more..

IT security needs to move to ‘people-centric' practices - 22 Sep 2016

From SC Magazine Gartner analyst Dionsio Zumerle spoke at the Gartner Security Risk Management Summit about the state of mobile security, focusing on the idea that IT security needs to move to 'people-centric' security practices when it comes to managing mobile devices in the enterprise. Zumerle said: 'All too ... read more..

UK SMEs have false sense of cyber security - 22 Sep 2016

From Almost three-quarters (74%) of UK small and medium-sized enterprises (SMEs) think they are safe from cyber attack, despite half of them admitting having suffered a data breach, according to a report by Juniper Research. The research found that 50% of small businesses have suffered a data breach, two-thirds ... read more..

Gap widens between IT pros and end users while security worsens - 08 Sep 2016

From SC Magazine Over half (52%) of IT practitioners believe that policies against the misuse or unauthorised access to company data are being enforced and followed, yet only 35% of end users say their organisations enforce those policies. A new study from the Ponemon Institute analysed responses from 1,371 end ... read more..

Pokemon Go: is it a BYOD security nightmare? - 03 Aug 2016

From TechRepublic Niantic Labs continues to improve on the security of Pokemon Go, but that doesn't mean the risks are gone. Server hacks, permissions being secretly granted and malware-infested clone apps are all out there. BYOD offices need to be prepared for all potential risks. Let's make one thing clear: ... read more..

Ransomware fightback begins as Intel, Kaspersky and Europol launch decryption key portal - 03 Aug 2016

From Efforts to tackle the scourge of ransomware have been boosted by a new initiative designed to educate people about the threat and offer keys that can unlock devices without having to pay the fraudsters. The No More Ransom portal has been created by Intel Security, Kaspersky Lab, Europol ... read more..

Get ready for an Internet of Things disaster, warns security guru Bruce Schneier - 03 Aug 2016

From Security guru Bruce Schneier, the author of multiple encryption algorithms, founder of security company Counterpane and former chief technology officer of BT Managed Security Solutions, has warned that the 'craze' for connecting devices to the internet with little thought about security will result in a major disaster. Schneier ... read more..

65% of IT pros would be grounded by Mum for their messy firewall rules - 28 Jul 2016

From SC Magazine Nearly two-thirds (65%) of IT security pros would be grounded in some capacity for the messy state of their firewall rules. Of those, over half or one-third of the total said that if their firewall rules were a teenager's room, Mum would be so angry that they'd ... read more..

Firms at risk from staff accepting random LinkedIn connection requests - 23 Jun 2016

From UK staff are putting their companies at risk of phishing attacks because they are too willing to accept friend requests from random people on LinkedIn. A survey of 2,000 workers by Intel Security found that around 24% admitted to accepting requests from people they don't know, opening company ... read more..

36% of organisations have no cyber attack response plan in place - 15 Jun 2016

From SC Magazine An alarming 36% of businesses have yet to develop a cyber attack response plan, according to a new report by F5 Networks. F5 Networks conducted research at the InfoSec conference in London this week and discovered that some of the top concerns for IT security pros are ... read more..

36% of ex-employees are breaking the Computer Misuse Act - 08 Jun 2016

From IT Pro Over a third of IT workers have admitted to accessing corporate systems after they have left a company, potentially breaching the Computer Misuse Act. According to a survey carried out by Vason Bourne on behalf of Protected Networks, 49% of those surveyed said they had retained access ... read more..

Stupid humans, you are the weakest link, at least according to the ICO - 08 Jun 2016

From Human error is the main cause of data breaches, according to statistics obtained from the UK's Information Commissioner's Office. Figures obtained by Egress Software Technologies via a Freedom of Information (FOI) request found that human error accounted for almost two-thirds (62%) of the incidents reported to the ICO ... read more..

IT professionals would rather manage external threats than worry about insiders - 08 Jun 2016

From InformationWeek Data breaches have become so common that it's easy to overlook them. There were 781 known data breaches in 2015, according to the Identity Theft Resource Centre, enough to read about mistakes being made twice a day if the media chose to write about every incident. Websites like ... read more..

WordPress plug-in flaw puts over 1 million websites at risk - 01 Jun 2016

From Owners of WordPress-based websites should update the Jetpack plug-in as soon as possible because of a serious flaw that could expose their users to attacks. Jetpack is a popular plug-in that offers free website optimisation, management and security features. It was developed by Automattic, the company behind ... read more..

Security training programmes don't do enough to mitigate insider risk - 25 May 2016

From CIO Employee-related security risks top the list of concerns for security professionals, but organisations aren't doing enough to prevent negligent employee behaviour, according to a new study. Last month, security research firm Ponemon Institute, sponsored by Experian Data Breach Resolution, surveyed 601 individuals at companies with a data protection ... read more..

A quarter of Windows devices open to hack - 18 May 2016

From IT Pro A quarter of all Windows devices, including tablets, computers and smartphones, are open to 700 vulnerabilities because enterprises have failed to update Internet Explorer (IE) at a company-wide level. Duo Security revealed the statistic as part of its Trusted Access 2016 report, which also found 72% of ... read more..

Report says criminals are better communicators than IT staffers - 04 May 2016

From The potential of connected devices to create damage, injury and mayhem is an ongoing security concern. But so far, the Internet of Things is not being linked, in a significant way, to security problems, says a new study. Verizon, in its just-released annual report of report of cyber ... read more..

Businesses must address digital transformation security risks, says analyst - 04 May 2016

From Businesses need to recognise that the process of digital transformation will affect all of their major areas, creating new security problems as once separate systems are connected in new ways, said Martin Kuppinger, principal analyst at KuppingerCole. 'Just about everything companies do in terms of digital transformation means ... read more..

Three million servers at risk of hijacking with ransomware due to out-of-date apps - 20 Apr 2016

From More than 3 million servers worldwide are at risk of ransomware due to out-of-date or insecure apps, and inadequate updating and patching practices. That is the warning from Cisco Systems' Talos security service, which warns that as many as 3.2 million servers could be compromised due to a ... read more..

Two-in-five UK businesses still unaware of the EU’s new data law despite the prospect of hefty fines - 20 Apr 2016

From Information Age Two years after the EU's General Data Protection Regulation (GDPR) was first announced, 20% of IT decision makers in the UK are still unaware of its existence, accordingto research. The European Parliament formally adopted the GDPR last Thursday and when it comes into force in 2018 it ... read more..

Employees’ use of personal devices puts firms at risk of malware infection, says report - 20 Apr 2016

From Six-in-ten UK employees are putting their businesses at risk of malware infection by using their personal devices to access corporate networks and illegal pirated content, a study has revealed. Although 80% of those accessing the content consider the personal security risks of doing so, only 60% consider the ... read more..

Reports find high security risks among policies for third-party vendors - 16 Apr 2016

From SC Magazine Two recent reports highlight the security and privacy threats posed by third-party vendors. The reports examine companies' procedures for handling third-party vendor permissions and the ability of companies to track these vendors' activities. One of the reports, which surveyed IT and security professionals in the US, UK, ... read more..

97% of IT professionals think standard anti-virus software will stop zero-day attacks - 29 Mar 2016

From A staggering 97% of IT professionals surveyed by Computing are using standard anti-virus software to stop zero-day attacks. The research was presented during a web seminar, entitled Anti-virus software has had its day how can you protect against advanced threats? It was also revealed that while 57% ... read more..

Data reveals average company has 9.9 million accessible files to any employee - 29 Mar 2016

From SC Magazine In 2015, the average company had roughly 9.9 million files accessible to every employee regardless of their roles. Varonis collected a year's worth of anonymous data from dozens of customer risk assessments conducted in mid-to-large companies in various sectors. The data was collected during risk assessments for ... read more..

Employees 'care more about securing personal data than work data' - 21 Mar 2016

From IT Pro UK workers take greater steps to protect personal files than work documents, a new study has revealed. The survey of 2,000 full-time UK workers around the country carried out by Censuswide last year on behalf of Citrix, found what the virtualisation and cloud services firm described as ... read more..

50% of IT pros find themselves overwhelmed by patch volume - 17 Mar 2016

From SC Magazine Half of IT professionals are having a hard time keeping up with enterprise patching. Dimensional Research and Tripwire's Vulnerability and Exposure Research Team (VERT) studied 480 IT pros involved in patch management and assessed enterprise patch volume and installation trends. Patch management is critical for lowering security ... read more..

IT decision makers admit they need to do more to protect data - 17 Mar 2016

From Most IT leaders recognise the importance of data protection but more than a quarter of IT decision makers (ITDMs) at UK firms admit they could do more to protect corporate data. Almost 90% of CIOs/CISOs, 80% of ITDMs and 74% of knowledge workers said their ability to ... read more..

Lack of cyber security awareness putting UK organisations at risk - 09 Mar 2016

From A lack of cyber security awareness among employees is putting UK organisations at greater risk, a study has revealed. UK organisations are putting their reputation, customer trust and competitive advantage at greater risk by failing to provide staff with effective cyber security awareness and capability to defend against ... read more..



For more information about The National Computing Centre and our services, please contact us at the details below:

Telephone: +44 (0)870 908 8767
Fax: +44 (0)870 134 0931

Click here for more contact information

TwitterFollow us on Twitter
Linked InJoin our LinkedIn Group
FBLike us on Facebook


Management Guidelines

NCC Guidelines Vol 5 No 1

more in Management Guidelines


Professional Development

Cloud Computing

more in Professional Development


Analyst Digest

September 2016 Bulletin published

more in Analyst Digest