Companies continue to be vulnerable to hackers with the latest cyber attack affecting TalkTalk. This follows a number of other high profile incidents in 2015.

Breaches like these are not limited to large companies; small businesses are just as vulnerable. The latest report from the Department for Business Innovation and Skills - “2014 Information Security Breaches Survey” found that although security breaches were slightly down from 2013, the overall costs to deal with incidents was up:

81% of large organisations had a security breach (down from 86%* a year ago)

60% of small businesses had a security breach (down from 64%* a year ago)


£65k - £115k is the average cost to a small business of its worst security breach of the year (up from £35 - £65k a year ago)

Full survey available from https://www.gov.uk/government/uploads

Cyber_security_policyISO 27001 Information Security Management System (ISMS)
Every business should be taking precautions and assessing the risks of cyber crime by putting in place a written security policy.

The ISO 27001 information security standard is one way of protecting your business from future attacks. Certification will introduce a management structure to identify risks to your business. It will also establish a plan to recover from a breach should the worst happen.

Taking precautions to prevent a breach before it happens is more cost effective than recovering from an incident given the fact that costs for dealing with events are continuing to increase.

Direct costs to get your business back on track after a breach are not the only implications. Reputation with clients, compensation pay outs and, as in the case of TalkTalk, a drop in their share value, could have a devastating effect on the future of a business.

Certification provides peace of mind and demonstrates your company’s commitment to security of information.