Encouraging SMEs to address security

I’ve been busy over the last week finalising some interesting research work for the Information Commissioner’s Office on security advice for SMEs. It has some groundbreaking recommendations. Hopefully it will help to deliver the long overdue boost we desperately need to persuade SMEs to address security. The main problem is that they don’t really want to know. Security is a ‘grudge purchase’. But it certainly helps to assemble some suitable, complete and up-to-date advice, and erect signposts where SMEs are likely to look.
 
I presented some of the findings of this research at last week’s ISSA UK meeting in London, and was taken aback by how well the ideas were received. Amongst other things, it underlines three key realities. Firstly, SMEs are important. Secondly, supply chains matter. And thirdly, a different approach is needed. Shoehorning ISO 27000 standards into an SME environment is certainly not the answer. Anyone interested in catching my presentation on this subject should look out for it at next month’s meeting of Martin Smith’s excellent Security Awareness Special Interest Group in London. 

Join the conversation

1 comment

Send me notifications when other members comment.

Please create a username to comment.

Hello, I am part of the EU Commission's eYouGuide team. While searching for relevant websites providing useful information on online security to SMEs I came across this blog entry. I thought that you might want to know about the EU Commission's eYouGuide as it contains some useful info on the subject: http://ec.europa.eu/information_society/eyouguide/navigation/index_en.htm (The eYouGuide site sets out the online rights of European consumers, covering issues as diverse as protecting online privacy, buying online safely or handling spam.) Best regards, Olaf eYouGuide team
Cancel

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close