Cyber Security – A way of life

22 Jun, 2015

The importance of workplace culture to improve cyber security and its awareness.

Updated: January 2023

Every business knows that they should protect the information that they hold, even if it is to not incur the legal ramifications of failing to do so.

The Cyber Security Breaches Survey 2022 revealed that those reporting of cyber attacks, 31% of businesses and 26% of charities estimated they were attacked at least once a week.  One in five of these experienced a negative outcome as a direct consequence of a cyber attack.

The report identifies phishing attacks as the most common form of attack, with over 80% reporting receiving a fraudulent email or being directed to a fraudulent website.  Other form of attacks are then noted but to a much lesser extent and include impersonating organisations in emails or online and viruses, spyware or malware.

The most important statistic

A key reason behind this being a key statistic is that it identifies the importance of staff vigilance.  One method of combating this is to make cyber security a core section of any induction process and not just a bolt on to the existing process.  Furthermore, ongoing training is also a critical element in the safeguarding of company information.  However, just under one in five businesses and charitites reported providing training or awareness in the 12 months before the survey.

Creating the right culture

It is very worrying that numerous small and even large businesses are not providing ongoing training. Without this ongoing training, it is almost impossible to create the culture required to improve cyber security and its awareness.

With a lack of ongoing training it creates the perception that cyber security is not a serious issue and if this is the case, why should employees take it seriously? Instead, it becomes something that has to be completed upon induction but is forgotten about just as quickly.

The training itself must also be sufficient. A significant amount of the training that companies provide tends to focus upon what employees should do and the consequences of not complying. What also needs to be properly explained are the reasons as to why the training is so crucial.

If employees fully appreciate the reasons behind the processes and procedures that have been put in place then they can play a crucial role in protecting company information.

As a result of this, they are going to be more susceptible to the training and make more of an effort to comply. This in turn leads to a more secure business.

A not so daunting prospect

It is appreciated that information security is a very complex topic and that training, although playing an important part, is still just a part of what a company must do to help protect itself.

The task of protecting a company against all the different types of cyber security breaches can prove rather daunting but there is a solution.

The ISO 27001 Information Security Management Standard is internationally recognised and is even a growing requirement on tender documents.

The standard promotes efficient management of sensitive corporate information, highlighting vulnerabilities to ensure it is adequately protected against potential threats while encompassing people, process and IT systems.

The ISO 27001 is a comprehensive way of improving cyber security while bringing additional benefits such as its marketability and accountability within the organisation.

If you would like to learn more about ISO 27001, please click here or alternatively contact our team on 0330 058 5551 or

ISO Quality Services Ltd are proud to specialise in the implementation and certification of the Internationally recognised ISO and BS EN Management Standards.

Do you want to get ahead of your competition? Win more tenders or save time and money on reoccurring issues? Contact us today on 0330 058 5551 or email

Alternatively, you can request a quote by filling out our enquiry form and a member of our team will be in touch shortly.

Related Posts

Ethos Group Become a SSAFA Corporate Partner

11 Apr, 2023

When we heard the news that Ethos Group had become Corporate Partners of fellow clients SSAFA, we wanted to share the amazing work they’ve been doing for the defence and armed forces community. 

Egg-cellent Support for Worcester Foodbank

4 Apr, 2023

The ISO QSL Good Egg Awards returned once again to support Worcester Foodbank, receiving an egg-cellent response of over 150 nominations.

The Return of ISO QSL Annual Charity Golf Day!

4 Apr, 2023

We are thrilled to announce the return of our annual charity Golf Day on Tuesday 13th June at Bransford Golf Club. It’s not just a Golf Day. This event is all about raising money for Midlands Air Ambulance Charity!

Recognise Your Good Eggs!

30 Jan, 2023

Yes, it’s that time of year again, your chance to recognise your egg-ceptional colleagues in our Good Egg Awards.