Skip navigation

Gloucestershire Business News

Business Boffin: Effective Cyber Security

There seems to be a cyber security or data privacy story in the news every week. We live in a digitally enabled society, yet data protection is poorly managed and systems are hacked on a daily basis.

There are three aspects to business growth - people, processes and technology. Equally, these also apply to cyber security. Steve Borwell-Fox from borwell, provides some insight into how to implement cyber security effectively in a growing business.

People using IT and software systems need skills. Therefore, prior training and experience is important as is ongoing skill development. Make people the strongest link in your cyber defences - put staff on security awareness training. New staff should go on this type of course around 3 months in and it especially staff who are using CRM systems, finance systems and working with sensitive company or customer data.

Processes need to be documented, be usable, and kept up-to-date. Document any process that has a risk of a mistake being made, or could be less efficient if staff just made up their own process. A written procedure should explain how to execute the process, and ideally contains photos or screen shots walking through the process steps in detail. Growing businesses should aspire to achieve ISO 9001 certification. This provides a great platform on which to add your Information Assurance (IA) policies and procedures.

Technology should be up-to-date and a budget allocated each year to replace servers every 5 years, desktops every 3 years and laptops every 2-3 years.

Staggering these purchases will prevent the business owner from stalling investing in a particularly tough year, which in turn could lead to old computers with out of data Operating Systems being used. These will be vulnerable and could jeopardise the security of the business. Bad investment designs will compound the problem. My team sees this every week - the MD might have a new car, but staff are using out of date IT, with old monitors, and poor productivity as a result.

In summary, speak with your IT provider and plan to invest in IT. Put staff on training courses. Aim for ISO 9001, and in the short-term get help with Cyber Essentials Scheme certification. Grow your business confidently, productively and securely.

• For help and support with your Cyber Security, IT and training needs call the borwell team on 01684 377980 or email 

• Steve Borwell-Fox will be facilitating a GAINS Masterclass at the University of Gloucestershire on 25th May. GAINS is part-funded by the European Regional Development Fund, and Gloucestershire based SMEs can register for a fully-funded place here. 

Subscribe to Punchline

Related Articles

Road closures ahead on busy A417 and A40 at Gloucester Image

Road closures ahead on busy A417 and A40 at Gloucester

If you are trying to travel via Over roundabout next week you should read this – it may not be as easy as it sounds.

On-line reviewers torn to shreds by tea room business Image

On-line reviewers torn to shreds by tea room business

A tea room in gentile Cheltenham has garnered plenty of attention (and perhaps a few fans) by hitting back in no uncertain terms at its critics on the ratings website TripAdvisor.

Jobs threat as a DIY chain is sold Image

Jobs threat as a DIY chain is sold

A major DIY chain has been sold for just £1 putting a question mark over jobs at stores in Gloucestershire.

Clean staff sweep up at awards Image

Clean staff sweep up at awards

Staff from a Cheltenham branch of a nation-wide linen and laundry business have walked away with national awards.

Copyright 2018 Moose Partnership Ltd. All rights reserved. Reproduction of any content is strictly forbidden without prior permission.