Skip navigation

Gloucestershire Business News

Business Boffin: Effective Cyber Security

There seems to be a cyber security or data privacy story in the news every week. We live in a digitally enabled society, yet data protection is poorly managed and systems are hacked on a daily basis.

There are three aspects to business growth - people, processes and technology. Equally, these also apply to cyber security. Steve Borwell-Fox from borwell, provides some insight into how to implement cyber security effectively in a growing business.

People using IT and software systems need skills. Therefore, prior training and experience is important as is ongoing skill development. Make people the strongest link in your cyber defences - put staff on security awareness training. New staff should go on this type of course around 3 months in and it especially staff who are using CRM systems, finance systems and working with sensitive company or customer data.

Processes need to be documented, be usable, and kept up-to-date. Document any process that has a risk of a mistake being made, or could be less efficient if staff just made up their own process. A written procedure should explain how to execute the process, and ideally contains photos or screen shots walking through the process steps in detail. Growing businesses should aspire to achieve ISO 9001 certification. This provides a great platform on which to add your Information Assurance (IA) policies and procedures.

Technology should be up-to-date and a budget allocated each year to replace servers every 5 years, desktops every 3 years and laptops every 2-3 years.

Staggering these purchases will prevent the business owner from stalling investing in a particularly tough year, which in turn could lead to old computers with out of data Operating Systems being used. These will be vulnerable and could jeopardise the security of the business. Bad investment designs will compound the problem. My team sees this every week - the MD might have a new car, but staff are using out of date IT, with old monitors, and poor productivity as a result.

In summary, speak with your IT provider and plan to invest in IT. Put staff on training courses. Aim for ISO 9001, and in the short-term get help with Cyber Essentials Scheme certification. Grow your business confidently, productively and securely.

• For help and support with your Cyber Security, IT and training needs call the borwell team on 01684 377980 or email 

• Steve Borwell-Fox will be facilitating a GAINS Masterclass at the University of Gloucestershire on 25th May. GAINS is part-funded by the European Regional Development Fund, and Gloucestershire based SMEs can register for a fully-funded place here. 

Subscribe to Punchline

Related Articles

County business park to double in size Image

County business park to double in size

Planners have given the go ahead for a near 50,000 sq foot expansion of a business park despite numerous objections.

200 staff to change hands as £20m turnover business is sold Image

200 staff to change hands as £20m turnover business is sold

A member of the well-known Gloucestershire Warner family has sold his chain of county-based businesses to a major British brand.

Verdict on businessman who died in vintage car rally Image

Verdict on businessman who died in vintage car rally

A 65-year-old vintage sports car enthusiast and Gloucestershire company director died when his vintage Bugatti crashed during a car rally in Australia, an inquest heard.

Business expert: The key to making landlords' lives easier Image

Business expert: The key to making landlords' lives easier

The growth of the private residential sector along with legislative changes are leading to increases in the number of issues faced by landlords when tenancies come to an end.

Copyright 2019 Moose Partnership Ltd. All rights reserved. Reproduction of any content is strictly forbidden without prior permission.