Good Information Governance
Information governance spans a variety of areas of your business including human resources, communications and corporate culture. Due to the complexity of evolving technology risks many organisations need to have an independent assessment of current capabilities to create, maintain and respond to future exposures. Or in other words, to provide assurance at board level that the governance remains robust and appropriate practices are being applied to minimise threats to the security of technology and data.
Data security breaches such as TalkTalk, Ashley Madison and Mossack Fonseca cost those companies significant sums of money, let alone the reputational damage, and were all largely preventable.
74% of SMEs reporting a breach in 2014, cost each business between £75,000 and £310,8001.
Infotech Governance Ltd can help protect against such losses by strengthening the Processes that govern your People and Technology, whilst achieving or exceeding recognised security standards.
Effective IT governance must be driven by business owners and directors, who are ultimately accountable for the Company’s reputation and profitability.
28% of the worst security breaches were partly attributed to senior management not giving sufficient priority to IT and data security.
What is governance?
IT governance is about putting policies and procedures in place to reduce the likelihood and impact of cybercrime or system failure.
Such a breach can result in a business losing sensitive data, intellectual property, or the internal spread of malicious software across the Company’s IT estate causing data loss, system downtime, corruption or loss of information visibility.
More often than not these losses are the result of inadequate controls, poor practice or employee behaviour and the resulting costs can be significant.
Case studies
In TalkTalk’s 2015 data breach around 157,000 customer details were stolen, the largest in British history. It cost them some £60m (roughly 3% of turnover), about 95,000 customers were lost and three staff were arrested at one of their call centres on suspicion of data theft.
The 2016 Mossack Fonseca “Panama Papers” breach was reportedly down to a customer web portal running a WordPress website with an out of date plugin that had “vulnerabilities”. At 11.5 million documents and some 2.6 terabytes of data it is the largest breach to the journalism industry in history.
Our approach
Using experience gained over many years and equipped with best practice, Infotech Governance Ltd will:
- Review your current processes and IT governance
- Undertake a gap-analysis against “Industry” best practices
- Tailor those best practices to suit your company
- Manage and implement recommendations
We work with stakeholders at all levels to ensure your governance investment stays current and appropriate, with on-going support.
Who we are
Our consultants are highly skilled at working with and implementing procedures that sustain IT security. The team have substantial experience in IT management and governance within regulated industries, including leading successful ISAE3402 audits.
90% of large companies reporting a breach in 2014, cost each between £1.46m and £3.14m.
Our independent overview and approach will deliver the strongest unbiased controls to protect your enterprise. Ensuring the most appropriate and robust governance is adhered to in your Company will help to significantly reduce the most likely threats to IT security.
What next?
Technology rightfully has an ever increasing role to play in IT security, but without strong governance directed and supported by the business owners, it will not be as effective as it could and should be.
We would be happy to meet with you to explore the risks you may face and show how we can help strengthen your governance and IT security.
“The service from Infotech provides business directors, and their board, with a clear insight into their ability to deal with the increasingly complex IT, cyber and data risks environment. We all know there is a heightened risk in this digital world and having Infotech alongside gives us the expertise to enable us to analyse and plan our Cyber Security strategy.” Richard Anscombe Fram Farmers Ltd., June 2016
Strong IT governance in your company is your first line of defence.
If you would like to speak to our team about infotech governance as part of your overall risk management approach please get in touch.