State of Malware



'Ransomware' got the nation talking


The NHS cyber-attack that hit hospitals across the UK is said to have been part of the biggest ransomware outbreak in history, and it could ramp up again this week as people return to work. UK hospitals have effectively shut down and are turning away non-emergency patients after ransomware ransacked their networks.

Some 16 NHS organizations, including several hospital trusts, have had their files scrambled by a variant of the WannaCrypt (aka WanaCrypt, aka Wcry) nasty. Users are told to cough up $300 in Bitcoin to restore their documents. Services in other countries, including Russia, Taiwan and Kazakhstan, were also affected by similar attacks. Experts say the virus exploits a vulnerability in Microsoft Windows software that was first identified by American spies at the NSA.

Doctors have been reduced to using pen and paper, and closing A&E to non-critical patients, amid the tech blackout. Ambulances have been redirected to other hospitals, and operations canceled.

Industry Experts' Analysis


Securestorm's approach to tackling high-impact attacks such as the NHS breach is the same one that has proven effective with other high-profile organisations. We look at problems practically and holistically. This enables us to deliver an innovative and tailored approach that suits the organisation while taking into account resources and other factors such as cost and time.


Tony Richards, CTO of Securestorm, who works alongside Government organisations and has been monitoring and advising organisations on how to defend and protect against such attacks, added: "Microsoft released a fix, or patch, for the issue in March, prior to the dump. However, computers that did not install the update, or could not due to the age of the software, would have been left vulnerable to an attack." He also stated that the use of Abatis HDF software would have helped these organisations protect and defend against the very same attacks while proving cost-effective at the same time. Subsequently, he tweeted:

Mandeep Obhrai, CEO of Securestorm, analysed the importance of long-term organisational planning together with embedding a security culture that is practical. He recommends:

  • Robust business continuity planning
  • Crisis and incident response planning
  • Excellent security hygiene policies and user awareness
  • Up-to-date patch and vulnerability management
  • Careful access control and management of user privileges
  • Backing up data using a reliable solution

'Beating ransomware is about preventing it rather than reacting to it. Invest in awesome Cyber Security!'
- Mandeep Obhrai, CEO

Securestorm can offer expert advice and consultancy services to organisations while developing their overall security posture, maturity and culture. We have led, integrated with and supported multiple teams within organisations to become cyber ready. There is no one-stop solution for incidents, but this is where consulting us benefits organisations: we are accredited and experienced in adeptly looking into the different areas involved. Read about our case studies here.

For the ransomware incident, we have identified Abatis software as one defensive solution. The features and benefits of this particular software follow.

'A Disruptive Zero Day Defence' solution against HACKERS



Securestorm Ltd., London-based Cloud and Cyber security experts and NCSC Certified Consultants, have officially partnered with ABATIS, a UK-based company and Cyber Security Awards 2015 Innovative Product of the Year winner, to offer a resilient, cost-effective and agile solution that stops zero day attacks.

Abatis is deployed on end point workstations and servers to enforce corporate security policy and provides detailed analysis and audit information.

  • Less than 100KB kernel-level protection
  • Preserves the integrity of whatever device it is installed upon
  • Protects all Windows and Red Hat Linux
  • "Effective at stopping all attempts to write malware to the permanent storage of the device regardless of system privilege"
  • "Abatis stopped 100% of all malware in comparative tests where 8 well-known anti-virus tools scored between 30% and 55%"
  • Provides an APT hunter-killer ability not seen in any other tool
  • Safe to use in mission- and safety-critical real-time systems and SCADA environments
  • Provides total control over USB devices




"Defence Against Crypto Locker and Other Ransomware"

Ransomware is one of the fastest growing methods for cyber criminals to extort money from their victims. In the first six months of 2014 cyber criminals made over $100 million in extortion; many of these victims had no option but to pay up or lose sensitive corporate information. Abatis stops these attacks dead.




Fast, Light and Efficient

  • "Saves 7% of the energy consumed by the device, servers run 8°C cooler, saving £35 / €50 / US$60 per server per annum"
  • Imperceptible performance impact
  • Up to 40% performance (speed) improvement compared to traditional AV
  • Massive improvement in laptop battery duration

Making Security Management Simple and Cost-Effective

The Central Management Console (CMC) provides facilities to:

  • Install on an estate
  • Retrieve and analyse logs
  • Push policy updates to Abatis individually, in groups or globally
  • Web-based application
  • SIEM-like dashboard


Abatis is a host-based, software-only solution implemented as a kernel driver on Windows platforms. It intercepts and mediates file write access to the computer's permanent storage. It is designed to enforce system and file integrity without complex management overheads. It achieves this security objective by exercising robust access control over the writing of executable files and user-defined files (protected files) to the computer: it protects against unauthorised modification and denies unauthorised write operations.

While Abatis blocks unwanted executables by default, the Abatis administrator can define further files for integrity protection according to the computer's role. Ideally, Abatis should be deployed on a newly installed 'clean' operating system. From this secure initial state (the baseline), Abatis prevents malware infection from then on.

In most corporate environments Abatis is rolled out in stages, and there may already be undetected infections on some systems (often referred to as Advanced Persistent Threats, APTs). Abatis' mode of operation and extensive audit log allow such malware to be identified. Abatis can also reveal rootkit infections and facilitates the subsequent removal of such programs.
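To make the write-mediation model described above concrete, here is an added example (not Abatis code, and not from Securestorm): a small Python simulation of a baseline of approved executables taken from a clean system, a deny-by-default policy for new or altered executables and administrator-defined protected files, an audit log, and an integrity sweep that flags executables the baseline never approved on machines that were infected before rollout. All paths, hashes and the extension list are constructed assumptions.

```python
import hashlib
from dataclasses import dataclass, field
from typing import Dict, List, Set, Tuple

# Assumed extension list used to classify a write as "executable"; a real
# kernel driver would inspect the file contents rather than the name.
EXECUTABLE_EXTENSIONS = (".exe", ".dll", ".sys", ".scr", ".bat", ".ps1")


def is_executable(path: str) -> bool:
    """Classify a path as executable by extension (a simplification)."""
    return path.lower().endswith(EXECUTABLE_EXTENSIONS)


def digest(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def take_baseline(snapshot: Dict[str, bytes]) -> Dict[str, str]:
    """Record the hash of every executable on a clean system. This is the
    secure initial state from which any new executable is denied."""
    return {p: digest(d) for p, d in snapshot.items() if is_executable(p)}


@dataclass
class WritePolicy:
    baseline: Dict[str, str]                          # path -> sha256 of approved executable
    protected: Set[str] = field(default_factory=set)  # admin-defined integrity-protected files
    audit: List[dict] = field(default_factory=list)

    def _decide(self, path: str, data: bytes) -> Tuple[str, str]:
        if path in self.protected:
            return "deny", "modification of protected file"
        if is_executable(path):
            approved = self.baseline.get(path)
            if approved is None:
                return "deny", "executable not in baseline"
            if approved != digest(data):
                return "deny", "executable content differs from baseline"
            return "allow", "baseline executable unchanged"
        return "allow", "ordinary data file"

    def mediate_write(self, path: str, data: bytes, subject: str) -> bool:
        """Gate one write to permanent storage. The subject (user or process)
        is logged but never consulted: SYSTEM gets the same answer as a user."""
        decision, reason = self._decide(path, data)
        self.audit.append({"subject": subject, "path": path,
                           "decision": decision, "reason": reason})
        return decision == "allow"

    def denied_executable_writes(self) -> List[str]:
        """Audit-log view an analyst would review after a denied drop."""
        return [e["path"] for e in self.audit
                if e["decision"] == "deny" and is_executable(e["path"])]


def find_unbaselined_executables(inventory: Dict[str, bytes],
                                 baseline: Dict[str, str]) -> List[str]:
    """For a staged rollout onto machines that were never clean: list the
    executables on disk that the clean baseline does not vouch for. These
    are the candidates for extant, previously undetected infections."""
    return sorted(p for p, d in inventory.items()
                  if is_executable(p) and baseline.get(p) != digest(d))


# Constructed sample data; not taken from any real system.
CLEAN_SYSTEM = {
    "C:\\Windows\\System32\\notepad.exe": b"MZ notepad",
    "C:\\Windows\\System32\\kernel32.dll": b"MZ kernel32",
    "C:\\Users\\alice\\Documents\\plan.docx": b"quarterly plan",
}
BASELINE = take_baseline(CLEAN_SYSTEM)


def run_scenario() -> dict:
    """Replay a ransomware-style write sequence against the policy and
    return what was allowed, denied and flagged."""
    policy = WritePolicy(baseline=dict(BASELINE),
                         protected={"C:\\Windows\\System32\\drivers\\etc\\hosts"})
    results = {
        # A dropper tries to persist a new executable: denied, even as SYSTEM.
        "dropper": policy.mediate_write(
            "C:\\Users\\alice\\AppData\\Local\\Temp\\dropper.exe", b"MZ evil", "SYSTEM"),
        # Overwriting a baseline binary with different content: denied.
        "tamper": policy.mediate_write(
            "C:\\Windows\\System32\\notepad.exe", b"MZ trojanised", "SYSTEM"),
        # Re-writing a baseline binary with identical content (a repair): allowed.
        "repair": policy.mediate_write(
            "C:\\Windows\\System32\\notepad.exe", b"MZ notepad", "Administrator"),
        # Administrator-protected configuration file: denied regardless of privilege.
        "hosts": policy.mediate_write(
            "C:\\Windows\\System32\\drivers\\etc\\hosts", b"127.0.0.1 example", "Administrator"),
        # A user saving a document: allowed, only executables are gated.
        "document": policy.mediate_write(
            "C:\\Users\\alice\\Documents\\plan.docx", b"updated plan", "alice"),
    }
    # A machine infected before rollout: the stray executable that the clean
    # baseline never approved shows up in the integrity sweep.
    dirty_inventory = dict(CLEAN_SYSTEM)
    dirty_inventory["C:\\ProgramData\\update.exe"] = b"MZ persistence"
    results["flagged"] = find_unbaselined_executables(dirty_inventory, BASELINE)
    results["audit_denied"] = policy.denied_executable_writes()
    return results


if __name__ == "__main__":
    for key, value in run_scenario().items():
        print(f"{key}: {value}")
```

Note that this model gates writes of executables and protected files only; a document write by an already running process is allowed, which is why the page's earlier recommendations on patching and reliable backups still apply alongside such a control.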





Securestorm are authorised re-sellers of the award-winning software and management console solution from Abatis, which helps stop malware cost-effectively and right from the get-go.


With Securestorm, you get unparalleled expert advice, excellent customer care, and support and guidance before and after the on-boarding process, giving our clients peace of mind and massive savings on cost, time and resources.

To request additional information on malware and ransomware defence and protection tailored to your organisation's infrastructure, budget and considerations, please get in touch via or call 0203 8655890 for advice and consultation.


Small Budgets Cripple Cyber Security Efforts of Local Governments


A survey of local government chief information officers finds that insufficient funding for cyber-security is the biggest obstacle in achieving high levels of cyber safety.

Inadequate budgets are the largest obstacle for local government chief information officers in obtaining the highest level of cyber security for their organization, according to a survey released by the International City/County Management Association.

Of the 411 respondents to the Cybersecurity 2016 survey, 32% reported seeing an increase in cyber attacks on their organizations within the past 12 months. Despite this increase, more than half of the CIOs surveyed found that steep obstacles still stood in the way of achieving the highest level of cyber security possible.

Survey respondents pointed to these reasons as the barriers to obtaining high cyber-security levels:

  • 58% noted inability to pay competitive salaries
  • 53% attributed small cyber-security staff as the main obstacle
  • 52% cited overall lack of funds

Although adequate funding was listed as the top need in achieving the highest level of cyber security for local governments, improved cyber-security policies ranked as No. 2, followed by government employees having a better understanding of cyber-security as No. 3, according to the survey.


"The threat landscape is ever evolving"

Rather than treading over old ground, it's time to step forward to address the ever-widening gap between criminal capability and intent and our capability to defend ourselves. While the National Cyber Security Centre (NCSC) initiatives are in place and taking effect for the long-term goal of securing the nation as a whole, the industry needs to work alongside these measures to ensure progress and continuity as a collective unit.

As NCSC Certified Consultants actively working closely with the Government sector we strongly believe:

  • getting the basics right could prevent 85% of breaches
  • that moving to a secure culture by actively working with teams will change mindsets
  • measuring that culture periodically will help review and fix gaps
  • sharing information between departments and organisations will unify the common goal of being secure
  • building capability internally will lead to long-term resource, time and cost savings

Securestorm has worked with clients facing constraints in budget, expertise and security culture by offering practical solutions that address the organisation's goals for total cyber security. Recently, Securestorm signed a partnership with Edgescan Ltd. to bring a solution that provides the flexibility and efficiency departments facing such hurdles need. Securestorm also offers services to on-board and manage the solution so that internal resources can focus on other organisational priorities. This delivers cost, time and resource savings while providing expertise that can transform the entire security culture of the organisation.

Read about managed CONTINUOUS security vulnerability assessment service

Edgescan takes into account cloud security by focusing on internal and external vulnerabilities (web applications as well as network infrastructure). It also delivers the flexibility, simplicity and manageability that organizations need to take control of cyber security and prevent web and network attacks. Edgescan is a Software-as-a-Service (SaaS) platform designed from the ground up to scale massively, support the largest enterprises and offer the most compelling business efficiency, lowering your overall cost of ownership.

As official Edgescan G-Cloud suppliers and certified consultants, Securestorm can offer expert services that help lessen the burden on your security team and improve your overall organisational security posture by:

  • Providing continuous visibility of your on-premise and cloud environments
  • Freeing your security team to work on more strategic priorities
  • Satisfying compliance with regulations
  • Safeguarding your critical data

Presenting Vulnerability Management Service at SOCITM SPRING 2016

As partners, Securestorm are official G-Cloud Suppliers of the Edgescan solution

Meeting opportunity: Securestorm & Edgescan at Infosecurity

Securestorm will join Edgescan at Infosecurity Europe, 06-08 June at Olympia, London. Visitors can learn about the full-stack vulnerability management solution.



The Edgescan Vulnerability Assessment & Management by Securestorm is available to procure via the G-Cloud space. The service information can also be found on our own assured service directory 'Informd.Online' with a free registration for Government departments.

To request a trial or additional information on the vulnerability assessment and management approach tailored to your organisation's infrastructure, budget and considerations, please get in touch via or call 0203 8655890 for advice and consultation.

'Trust in Cloud'


Building Trust in the Security of Cloud


tech-UK represents the companies and technologies that are defining today the world that we will live in tomorrow. More than 900 companies are members of tech-UK. Collectively they employ approximately 700,000 people, about half of all tech sector jobs in the UK.

The event marked the launch of tech-UK's Building Trust in the Security of Cloud papers and a panel discussion with leading cloud industry figures on building trust in the security of cloud computing.

The series of papers are aimed at addressing common trust and security concerns, as well as misconceptions, surrounding cloud services. Despite many years of raising awareness of the benefits offered by cloud computing some negative perceptions remain about the security of cloud services that are holding back cloud adoption and its benefits. Given the importance of cloud computing to the UK’s digital future it is vital that the cloud security messages and advice being delivered today are relevant to how cloud services have evolved, address the concerns being raised by cloud users and are communicated to and understood by the right audiences.

To ensure this happens, tech-UK has been working with cloud computing and cyber security industry experts to develop a series of papers aimed at providing information and advice for consumers, SMEs and local government leaders looking to get the most out of cloud computing. The following papers will be launched and discussed at the event:


Securestorm's Tony Richards, CTO/CISO/Cyber and Cloud Security Strategist, on the Panel Discussion Committee for Building Trust in the Security of Cloud

As tech-UK Member organisation and industry experts, Securestorm directly worked with tech-UK and other industry members to discuss, research and build the cloud topic papers.

Securestorm's Tony Richards, CTO/CISO/Cyber and Cloud Security Strategist, was also involved in the event panel discussion on 24th April 2017 providing insights and answering audience questions on cloud security with relation to Government, Consumers and upcoming challenges such as Brexit and policy changes.

Securestorm are NCSC Certified Cyber Security Consultants with a diversified interest in the Cloud Security domain, working across the Public and Private sectors. With experience, knowledge and expertise, Securestorm are actively working to champion Cloud Security best practices that enable Govt. and businesses to run more efficiently and cost-effectively.

Highlights from 'Building Trust in Cloud Session'

Also launched was techUK's "Cloud First. Policy Not Aspiration" paper, which focuses on the importance of the UK Government's Cloud First policy being more than just an aspiration for ensuring effective public sector adoption and usage of cloud, and on how Government can become a loud and vocal cloud champion. The paper makes a number of recommendations that must be taken forward in order to build greater trust in the security of cloud services and increase the adoption of cloud within the public sector. The session covered these recommendations, the importance of clear roles and responsibilities for organisations in building greater trust and security in cloud computing across both the public and private sector, and how to take forward tech-UK's work in this area.

Access the Cloud papers here:

About: Securestorm are dynamic cyber security experts who deliver practical advice with the aim of meeting and solving challenges across the Cloud and Cyber Security domains. With a combination of experience, expertise and strategy, Securestorm offers guidance to clients across the Public and Private sectors.
Securestorm holds several accreditations, notably NCSC Certified Cyber Security Consultancy, Crown Commercial Supplier and ISO 27001. Furthermore, Securestorm is also known in the industry for its proven delivery capabilities.


Securestorm Ltd., Cloud & Cyber Security Experts and UK National Cyber Security Centre (NCSC) Certified Cyber Security Consultancy, have officially launched an online Common Technology Service directory of cloud services that have been audited and security assured by Securestorm against the NCSC's Cloud Security Principles. In line with the UK Government's ambition to reduce repetition and share security assurance information between government organisations, Government Security representatives can register for an account to gain access to the detailed reports.

Securestorm are NCSC certified for the specialist areas of Information Assurance Audit and Review, and Risk Assessment and Risk Management, and hold various cloud security credentials, further backed up by extensive industry experience and delivery in the public and private sectors. The directory has been developed for referencing assured technology services, allowing users to get an overview, access relevant information and thus make informed decisions on a service's security status. Government users can register for an account, allowing access to the detailed Cloud Security Principles Assurance Audit Reports.

Easy Icon-Based Classifications

Securestorm has designed the directory with custom icons using a traffic-light labelling system to give a security assurance snapshot. Research has shown the traffic-light system to be a successful model in multiple sectors. Applying this principle, Securestorm has mapped assurance levels (i.e. Assured, Not Assured, Weak Assurance and Not Applicable) to categories of importance covering core areas such as Personal Data, Medical Data and Financial Data, as well as security functions such as data location, protection of data in transit, legal jurisdiction, audit, identity and access control, and physical security.

The friendly and informative layout gives users a holistic overview of a service's security right up front, with detailed service information that is easy to narrow down through our custom assurance icons.

Readily Available Information

Clicking on the relevant service gives access to general information about the service. Registered Government account holders get access to a fully detailed and referenced Cloud Security Principles Assurance Audit Report.

Security assurance icon explanation

Users can navigate the services list and click on the relevant service after shortlisting based on our custom assurance icons.

Users can click on services to pull up descriptions and associated links.

Other Essential Resources from Securestorm

For more information on our directory, feel free to reach out to: for support or queries. For access to other resources from Securestorm such as Digital Apps, Cloud and Cyber Security Guidance articles, Thought Leadership and Case Studies, visit or navigate our links below.

You Are Only As Strong As Your Weakest Link… MSPs Under Cyber-Threats.

The following news story is based on a report published by the NCSC:

Advice on managing enterprise security published after major cyber campaign detected

  • Third parties who manage large organisations' IT services attacked
  • NCSC leading investigation in partnership with Cyber Incident Response partners
  • Advice urges enterprise security teams to discuss risk with Managed Service Providers

TARGETED expert advice aimed at Managed Service Providers and their customers has been published after a global cyber attack was uncovered by a multi-organisation collaboration led by the National Cyber Security Centre (NCSC).

The attacks are against global Managed Service Providers (MSPs), which are third parties who help to manage large organisations' IT infrastructure and services. MSPs are particularly attractive to attackers because they have privileged access to other organisations' systems and data.

Because the incident mainly affects larger organisations, the NCSC believes direct financial theft from individuals is unlikely.

The attacks are a reminder of the importance of organisations choosing and monitoring their outsourcing partners carefully, so the NCSC has posted a range of advice on its website about what should be done to mitigate the risks.

Ciaran Martin, CEO of the government's National Cyber Security Centre, said:

"This scale of hostile activity is significant and our intervention is aimed at giving the UK the ability to tackle this threat head-on by giving organisations the tools and information they need.

"We always encourage enterprises to discuss this threat with their MSP, even if they have no reason to believe they have been affected. This incident should remind organisations that entire supply chains need to be managed and they cannot outsource their risk.

"The response to this attack is an example of the new NCSC at work with our partners. It would not have been possible to uncover the scale and significance of this incident as quickly without our close partners in the Cyber Incident Response (CIR) initiative, including PWC and BAE Systems."

The guidance reflects the technical advice and mitigation measures offered to U.K. industry and government departments on the Cyber-security Information Sharing Partnership (CISP) platform.

Organisations who outsource IT infrastructure are recommended to have an open dialogue with their provider and to understand what model the provider uses to manage their services. If that model is unsatisfactory, the organisation should demand that the provider change it immediately.

The NCSC recommends that MSPs who are unwilling to work closely with customers or are unwilling to share information should be treated with extreme caution. It also advises that an independent audit of your MSP is critical for security management – an organisation that neglects such monitoring is unlikely ever to be able to manage the risk effectively.

The NCSC, which is part of GCHQ, is the UK's technical authority on cyber security. The NCSC was opened by HM The Queen in February 2017 and provides a single, central body for cyber security at a national level. It manages national cyber security incidents, carries out real-time threat analysis and provides tailored sectoral advice.

The UK government is fully committed to defending against cyber threats and to addressing the cyber skills gap to develop and grow talent. A five-year National Cyber Security Strategy (NCSS) was announced in November 2016, supported by £1.9 billion of transformational investment.

Finding Reliable, Trusted & Assured Experts Through NCSC Seal Of Approval

The NCSC, set up in October 2016, is part of GCHQ and amalgamates the government agencies dealing with cyber security. The NCSC was set up to help protect our critical services from cyber attacks, manage major incidents and improve the underlying security of the UK Internet through technological improvement and advice to citizens and organisations. Its vision is to help make the UK the safest place to live and do business online. NCSC certification serves as a seal of trust, assurance and reliability when procuring services.

Certified Cyber Consultancies will have demonstrated to NCSC that they have:

  • a proven track record of delivering defined cyber security consultancy services
  • a level of cyber security expertise supported by professional requirements defined by NCSC
  • the relevant Certified Professional (CCP) qualifications

And that they:

  • Manage consultancy engagements in accordance with industry good practice
  • Meet NCSC requirements for certified professional cyber services companies

Certified Cyber Security Consultancies commit to:

  • Complying with a code of conduct (see Section III of the Professional Cyber Services Application form)
  • Maintaining their cyber security expertise


Securestorm, as an NCSC certified Cyber Security Consultancy, is one of three companies specialising in IA Audit and Review. Securestorm can undertake the Independent Security Assurance Reviews and IA Audits of Managed Service Providers advised by the NCSC in light of this new attack. Additionally, Securestorm is also certified to carry out Risk Assessment & Risk Management, with experience across Central Government, Digital Services for Government and the Wider Public Sector.


UK faces dramatic cyber-security skills 'cliff edge' and is chronically under prepared for hacker attacks, study finds

"The study finds that only 12 per cent of the UK workforce is under the age of 35 and 53 per cent is over the age of 45"

A global survey of almost 20,000 security professionals across banks, governments and multinationals concludes that Britain is facing a cyber-security skills "cliff edge" and that companies are "chronically" under-prepared for attacks.

The survey, conducted by (ISC)² – a non-profit organisation that aims to educate people about the risks of being online – shows that the UK workforce is getting older, which is exacerbating an already gaping cyber-security skills rift.

Only 12 per cent of the workforce is under the age of 35 and 53 per cent is over the age of 45, the study finds.

A mere 6 per cent of UK companies are recruiting graduates who would have the potential to plug the gap, and 66 per cent already face a cyber-security skills squeeze due to being unable to find qualified personnel.

The data also suggest that employers are largely refusing to hire and train inexperienced recruits. A whopping 93 per cent of UK companies that responded to the survey said that previous cyber-security experience is an important factor in their hiring decisions.

The findings indicate that the skills deficit is already having an effect on British businesses.

Close to half of the UK companies questioned said that the shortfall of cyber-security personnel is having a significant impact on their customers. A similar proportion said that it is already causing security breaches.

"Industry is experiencing a talent shortfall because employers are too focused on recruiting people with existing cyber-security experience," said Lucy Chaplin, a manager within KPMG's financial services technology risk consulting group, commenting on the survey.

"[It] is like complaining that there's a shortage of pilots but refusing to hire anyone who is not already an experienced pilot."

Rob Partridge, head of BT's Security Academy, said that "the findings confirm that graduates are being overlooked for cyber-security roles and it is now an economic and security imperative that we change this trend".

Tuesday's survey follows a string of similar warnings and a slew of high-profile cyber-attacks that have cost companies both in terms of money and reputation.

Last month, a survey by job site Indeed showed that the chasm between supply and demand for cyber-security expertise is widening at an alarming rate.


Securestorm recognises the cyber security skills shortage and strongly supports cyber security as part of the educational curriculum, together with enhanced training and support networks, to boost the number of professionals and tackle the skills shortage. This ethos is carried over in our approach of 'investing heavily in people'. We are on the lookout for bright and motivated talent to join our progressive organisation, be inspired and grow within the cyber security market. To see our latest vacancies, visit: or write to for more information.

Securestorm moves to Holborn...


Waterhouse Square is a large gothic building of red brick at 138-142 Holborn in the London Borough of Camden. This unique building is named after Alfred Waterhouse, the original architect of the building.


The materials are vibrant red brick and terracotta, which give such a large building a hallucinatory quality. The style is unapologetically Victorian Gothic. The central court, called 'Waterhouse Square', is accessible from Holborn and is entered from a smaller court under a wide, dramatic arch. Its effect is almost overwhelming.


You can visit us here:
WeWork, No. 3 Waterhouse Square
138 Holborn
EC1N 2SW
Telephone: 0203 8655890


    Securestorm get on-board Cyber Security Services 2 Framework by NCSC & CCS

    Securestorm get on-board Cyber Security Services 2 Framework by NCSC & CCS

    Securestorm bring Cyber Security Expertise to Cyber Security Services 2 Framework by NCSC & CCS to Meet Public-Sector Needs

    Securestorm, London based Cloud and Cyber security experts, Crown Commercial SuppliersCESG Certified and NCSC Certified Cyber Security Consultants are to bring their expertise and experience to the latest framework Cyber Security Services 2, a dynamic style agreement; with the specific aim of helping the public sector buy certified cyber security consultancy and services using an agile approach starting March 2017. 

    The Cyber Security Services 2 Framework is a collaboration between Crown Commercial Service (CCS) and the National Cyber Security Center (NCSC). This agreement provides a flexible and regulated route for central government and the wider public sector to procure NCSC certified cyber security services. NCSC are the UK government's National Technical Authority for Information Assurance. The agreement is based on the approach detailed in their Cyber Security Standard. The agreement is designed to work in an agile way, and iterated frequently to benefit buyers and suppliers. Cyber Security Services 2 aims to be the single, central route to market giving Central Government and Wider Public Sector buyers access to cyber security services, with the assurance of NCSC certification, technically and qualitatively. The services now included are;
            Lot 1: Cyber Consultancy (Risk Assessment, Risk Management, Security Architecture, Audit & Review, Incident Management)
            Lot 2: Penetration Testing
            Lot 3: Incident Response
            Lot 4: Tailored Evaluation

    By successfully getting on-board the new framework and being specialized in the Lot 1 offerings as an expert Cyber Consultancy certified by NCSC, Securestorm are experienced and equipped to meet the current needs of public sector organisations; whether they are looking to quickly respond to a cyber-attack, or to build long-term cyber resilience. This achievement follows another recent announcement of Securestorm being on-board, live and bringing expertise to the Digital Outcomes and Specialist Framework 2 on the Govt. marketplace starting February 2017. Read about this here.

    For recent case studies visit: or email: for questions or queries.

       SECURESTORM on-board the ‘DIGITAL OUTCOMES & SPECIALIST 2’ framework

    Securestorm, London-based Cloud and Cyber security experts, Crown Commercial Suppliers, CESG Certified and NCSC approved providers, are to bring their expertise and experience to the new framework from the Cabinet Office and Government Digital Service, the Digital Outcomes & Specialists framework, from February 2017.

    Is defining your 'Risk Appetite' important?

    Yes. But is it a simple decision whether to put your head inside a lion's mouth or not? Cyber security risk decisions aren't that straightforward.

    Ultimately, managing your cyber security risk is a trade-off between cost and benefit. But it is a world away from being as simple as whether to put your head in a lion's mouth. A decision about a cyber security risk comes down to whether your organisation can manage the risk and therefore reduce it, or can afford to accept the risk and leave it alone for a while. The challenge is that not many organisations have the risk information, decision-making process or risk management capabilities to do this on the fly without first defining their risk appetite. Do you know what your acceptable risk is?

    Many organisations work to reduce their risks and then end up accepting the ones that are too difficult to reduce, or where they cannot see the value in reducing them. The trouble is that if you don’t know what level of risk your organisation can tolerate, how can you decide whether to accept them? You absolutely need a clear understanding of what is OK to accept and what is not. Everyone hopes to avoid risks in the first place, and then attempts to transfer them so that they become someone else’s problem. What matters, however, is having the capability to reduce them to a level that you are willing to accept as an organisation.

    Many organisations are keen to understand how they will handle a cyber security attack and/or breach, and are engaging cyber security organisations to review their business and technical environments. However, you get a better experience and a better answer to the question, “Do we really need to spend this money on fixing this risk?”, if you understand and know your organisation’s risk appetite. I’m not saying it’s a must, but in my opinion it’s a sign of real responsibility and maturity towards understanding your cyber security risks and threats.

    Our Approach

    The process is pretty straightforward and it doesn’t have to be complex (complex = expensive). We believe in keeping things simple. You can spend lots of money trying to get a perfect answer only to change it two months later, or you can get the fundamentals working properly and tweak them to optimise. There are 4 key steps to follow:


    • Better decisions. Being able to make decisions more easily and more accurately around risk treatment is important in order to balance cost against benefit when it comes to cyber risk.
    • Better risk management. Being able to manage risk more effectively by fully understanding your tolerances, thresholds and the impact to assets.
    • Better financial management. Cost-effective spending on cyber security controls and solutions is definitely important, as many organisations are blindly spending money on cyber security without understanding whether there is a benefit or whether they are actually reducing their risks.

    If you would like to know more about this process of defining your Risk Appetite, or would like us to run a free half-day workshop on Risk Appetite Definition, please get in touch (details below).


    About Securestorm: We are a lean, agile and responsive cyber security consultancy that provides practical advice and intelligence with the aim of simplifying the world of Cloud and Cyber Security. With a combination of innovation, expertise and strategy, Securestorm brings synergy to the industry.

    About the Writer: As CEO, Mandeep is the chief planner behind Securestorm’s wheels, responsible for steering and implementing all aspects of sales, marketing and business development to ensure the company’s ongoing success and growth. As a veteran security advisor and business leader, Mandeep has managed multinational clients and is a well-known security expert in the industry who has built his career and reputation on solving clients’ information security, risk and compliance challenges. Mandeep draws on 20+ years of business and security experience across industry and regularly contributes industry insights, workshops and seminars in the IT security space.

    Talk to us about this article: