Cyber Security – A way of life

22 Jun, 2015

Every business knows that they should protect the information that they hold, even if it is to not incur the legal ramifications of failing to do so.

Numerous statistics have been announced recently, whether it is in terms of the abundance of breaches (74% of SMEs suffering breaches) or that the average cyber-attack lasts for 31 hours with the knock on effects lasting for months.

That being said, arguably the most important statistic is that 31% of the worst security breaches were caused by accidental human error.

The most important statistic

A key reason behind this being argued as the most important statistic is that companies have far more control over these kinds of issues as opposed to an external attack.

With regards to the accidental human error, this can absolutely be avoided as the main cause of security breaches in general is that companies are in denial about it happening to them.

This then leads to them being reactive as opposed to proactive as they only attempt to change their ways AFTER having experienced a security breach.

One method of combating this is to make cyber security a core section of any induction process and not just a bolt on to the existing process.

Furthermore, ongoing training is also a critical element in the safeguarding of company information.

Creating the right culture

It is very worrying that numerous small and even large businesses are not providing ongoing training. Without this ongoing training, it is almost impossible to create the culture required to improve cyber security and its awareness.

With a lack of ongoing training it creates the perception that cyber security is not a serious issue and if this is the case, why should employees take it seriously? Instead, it becomes something that has to be completed upon induction but is forgotten about just as quickly.

The training itself must also be sufficient. A significant amount of the training that companies provide tends to focus upon what employees should do and the consequences of not complying. What also needs to be properly explained are the reasons as to why the training is so crucial.

If employees fully appreciate the reasons behind the processes and procedures that have been put in place then they can play a crucial role in protecting company information.

As a result of this, they are going to be more susceptible to the training and make more of an effort to comply. This in turn leads to a more secure business.

A not so daunting prospect

It is appreciated that information security is a very complex topic and that training, although playing an important part, is still just a part of what a company must do to help protect itself.

The task of protecting a company against all the different types of cyber security breaches can prove rather daunting but there is a solution.

The ISO 27001 Information Security Management Standard is internationally recognised and is even a growing requirement on tender documents.

The standard promotes efficient management of sensitive corporate information, highlighting vulnerabilities to ensure it is adequately protected against potential threats while encompassing people, process and IT systems.

The ISO 27001 is a comprehensive way of improving cyber security while bringing additional benefits such as its marketability and accountability within the organisation.

If you would like to find out more about the ISO 27001 Information Security Management Standard or any of the other standards/training or consultancy that ISO Quality Services provide, you can contact our friendly team via the following:

Telephone: 01905 670303


Sources: Department for Business Innovation & Skills

ISO Quality Services Ltd are proud to specialise in the implementation and certification of the Internationally recognised ISO and BS EN Management Standards.

Primarily working with clients throughout the whole of the UK and Ireland, ISO Quality Services Ltd also cover Europe and the UAE.

Do you want to get ahead of your competition? Win more tenders or save time and money on reoccurring issues? Contact us today!


ISO Quality Services Ltd are proud to specialise in the implementation and certification of the Internationally recognised ISO and BS EN Management Standards.

Do you want to get ahead of your competition? Win more tenders or save time and money on reoccurring issues? Contact us today on 0330 058 5551 or email

Alternatively, you can request a quote by filling out our enquiry form and a member of our team will be in touch shortly.

Related Posts

Our View: First Fence Limited

26 Feb, 2021

Find out what Senior Lead Assessor, Colin Watkins and Client Care Team Leader, Lauren Kebby had to say about First Fence Limited

10 Cyber Security Tips for Remote Working

23 Feb, 2021

Since the first lockdown, cyber security has been on the rise but why? Quite simply because remote working employees are easy targets and businesses are finding it difficult to manage everyone. So, what can organisations do to protect their cyber security?

What is the purpose of your support meeting?

22 Feb, 2021

Support meeting, internal review, bi-annual meeting – it all means the same thing. It is a non-certificate dependent check from us to ensure that you are on track with your management system.  Let’s face it, nobody wants to have a week of panic prior to their recertification audit to gather all the supporting evidence and worse still, fail an audit and not receive their certification at all!

Three Great Reasons to Nominate Someone In Our Good Egg Awards…

8 Feb, 2021

Recognise those who have gone above and beyond for your organisation during the pandemic in our Good Egg Awards…..