© 2018 by Hansuke Consulting Limited

 

Hansuke Consulting Limited is registered in England and Wales number 10136213 with its registered office at: 71-75 Shelton Street, London WC2H 9JQ. Hansuke Consulting Limited is an accredited and regulated member firm of the Institute of Chartered Accountants in England and Wales (ICAEW).

 

In accordance with the disclosure requirements of the Provision of Services Regulations 2009, our professional indemnity insurer is International General Insurance Co (UK) Limited, of 133 Houndsditch London EC3A 7AH. The territorial coverage is worldwide excluding professional business carried out from an office in the United States of America or Canada and excludes any action for a claim brought in any court in the United States of America or Canada.

Security Awareness
Contact our team
+44 (0) 207 816 5488
Download the Brochure here

Any organisation, irrespective of size, is made up of three elements – technology, processes and people. It is said that an organisation is only ever as strong as its weakest link. Of the three elements, it is mostly the case that the ‘people’ element proves to be the weakest link when it comes to protecting the organisation against cyber risks with the root cause generally being a lack of both an appropriate company culture and an effective awareness program.

 

With cyber criminals increasingly looking to exploit human vulnerabilities in order to by-pass internal controls, organisations must proactively defend and raise staff awareness levels to inculcate a security culture and consequently decrease cyber risks.

Embedding a security culture begins at the very top of the organisation, the board of directors. Not only must the board consist of members that have an appreciation of IT and cyber risks, but it must also take specific steps to ensure the importance of security is understood across the organisation.

If your answer to any of the following questions is ‘no’, then you are at risk:

  • Is security at the heart of everything you do? 

  • Is the board and other senior management actively involved in cyber security?

  • Is the board and senior management regularly briefed on cyber risks?

  • Does a security culture exist?

  • Does a user security policy exist?

  • Are new joiners presented with mandatory security training at induction?

  • Are appropriate controls in place to counter a social engineering attack?

  • Are staff made aware of the risks of bringing your own device (BYOD)?

  • Are staff aware of how to handle information?

  • Do staff know how to create a strong password, keep it safe and do they change it regularly?

 

Our Services

 

Our team have extensive experience assisting clients with:

 

1. Influencing Change

embedding a risk-aware environment and driving cultural change;

running awareness sessions for the board and other senior management;

 

2. Conducting Needs Assessments

assessing knowledge and skills gaps;

review of training vendors and material in line with client requirements;

 

3. Implementing Awareness programs

design and manage security awareness programmes;

deploy awareness campaigns through various media for maximum impact;

 

4. Developing and Delivering Training

design and develop bespoke training and communication related material;

delivering training at all levels;

 

 

 

 

 

 

People

Processes

Technology

Organisation