3Kites has recently undertaken system/service selection projects which have included helping firms to select security partners, SOCs (security operations centres) and SIEMs (security information and event management). With new acronyms to grapple with, and a significant additional IT spend being requested by IT directors, we provide here a short overview of the changes taking place in cyber security and the impact that professional services firms might expect from these. There’s a lot to cover, so let’s get started:
‘Traditional’ IT/cyber security
We have become familiar with the cyber security provisions that have been in place for a number of years: complex passwords, firewalls, antivirus applications, VPNs, device/data encryption, software patching, training, and blocking access to items such as USB pens and websites that breach a firm’s policies. Some firms have taken the decision to formalise their approach with accreditation such as ISO 27001 and Cyber Essentials +. At the very least, we recommend firms complete the Cyber Essentials checklist, which in our experience often highlights areas where cyber security can be…