21 Oct 2020 | 08.55 am
Guest Blog: Stephen O’Boyle, BSI Consulting Services
‘Cyber, risk and advisory strategies are as important as ever’
21 Oct 2020 | 08.55 am
BSI has expanded its global expertise, providing consulting services that allow clients to strengthen their information and organisational resilience for today’s ever-changing business environment, writes Stephen O’Boyle (pictured)
In a world that continues to adapt to perpetual remote working, organisations are reacting and adjusting like never before to keep their people, data and business safe. During the pandemic, there has been a significant increase in phishing attacks, ransomware and mobile malware related to COVID-19 counterfeit contact tracing apps (Europol May 2020 Report).
This year, BSI has seen various types of attacks, such as COVID-19 payment scams, text message scams, business email compromise (BEC) attacks, online shopping fraud, account ‘takeover’ fraud and invoice re-direction fraud, among others.
Supported by the guidance of experts and the implementation of cutting-edge technologies, organisations are successfully adapting to the ever-changing corporate landscape and ensuring business continuity and organisational resilience.
BSI has enhanced its traditional consulting approach to enable fully remote delivery capabilities with our cyber, risk and advisory services, utilising secure communication solutions to continue providing our trusted cybersecurity methodologies to our clients.
Security must be an enabler, not a blocker
BSI virtual consulting capabilities help organisations to assess, manage and resolve current risks and operational challenges. We are supporting clients by providing the following virtual services:
• Data Protection Officer as a Service (DPOaaS): Privacy is a continuous concern for every organisation, their clients and stakeholders, especially the Data Protection Officer (DPO). The DPO is an important leadership role within an organisation’s governance structure and is a key stakeholder in the data protection accountability framework defined by GDPR.
• Virtual CISO (vCISO): The vCISO role embeds senior security leadership into an organisation and asserts the importance of security to the leadership team. Once on-boarded, BSI’s experienced professionals can get working straight away.
• Risk Management: Establishing a robust information risk management framework provides an organisation with the ability to consistently manage risks across the business. BSI implements many risk management frameworks and conducts risk assessments across a wide range of sectors, including energy and utilities, technology, gaming, finance and government.
• PCI DSS Compliance: PCI DSS is a complex and granular standard that applies to all entities that store, process, or transmit payment card data, as well as organisations that may impact the security of a credit card processing environment.
• Third-party Security: A reliable third-party assessment provides the assurance that external services are securely delivered and that data is properly managed. There are common challenges that businesses are confronted with when managing third-party cybersecurity risk. These include lack of clarity, unclear demarcation and over-reliance on supplier’s services and capabilities.
• Audit and Gap Analysis: In addition to PCI DSS, our auditors and security consultants continue to conduct security assessments against a variety of information security standards (including ISO 27001, NIST Cybersecurity Framework), helping organisations understand their current security profiles. The audit or gap analysis depends on the depth of analysis required and alignment with a specific information security standard.
In the current climate it is critical to ensure that all policy and process changes are made in line with the organisation’s cybersecurity strategy, based on informed risk decisions. Cyber, risk and advisory strategies are as important as ever, and BSI’s virtual consulting services are dedicated to continuing to support organisations to enhance their information and organisational resilience.
For more details on BSI’s Consulting Services, visit bsigroup.com/cyber-ie