Data protection

Posted on Jan 01, 2021. Just do the basics!

Why is it that so many companies go looking for shiny new cyber security products (with their very limited budget) that will cure all their worries (as if), when they don’t first consider how they can do better with what they currently have?

Time and time again I see the most rudimentary failures of basic IT security. Passwords set to never expire. Complete lack of access controls to customer data. Too many people with administrative rights. No staff training for information & cyber security or data protection, no vetting of staff, and the list goes on.

But worse still, you go back a year later to find that they’ve installed a SIEM machine (that they don’t need or understand) and have only tightened up a few basic security controls with the majority left in a totally unsatisfactory state. As they say, you can’t patch the human. If only their customers knew…

© 2021 Cambrian Cyber Consulting.

Registered in England and Wales Number: 12856496 | VAT Number: 359 0789 53 | Information Commissioner’s Office Registration Number: ZA791472

Privacy Policy | Sitemap