Cybersecurity requirements

  • #1234384
    ash_o
    Participant
    • Total posts: 3
    Up
    0
    ::

    Hi all

    I’m just starting my journey and am close to landing my first project with a larger firm. They’ve advised I’ll need to pass their cybersecurity requirements if I’m successful.

    Is anyone able to advise what are the typical requirements for these larger companies and costs?

    This is one area I know nothing about.

    Thank you!

    #1234412
    Paul – FS Concierge
    Keymaster
    • Total posts: 3,488
    Up
    1
    ::

    Hi and welcome Ash.

    Hopefully some helpful members will be along soon with some advice to point you in the right direction.

    Cheers
    Paul

    #1234419
    Cec Busby
    Keymaster
    • Total posts: 25
    Up
    0
    ::

    Hi Ash, what area of business is the firm in? Different sectors have different regulations; for example, the cyber security requirements of a financial service provider are very extensive and explicit, as they are dealing with very sensitive information.

    Cec Busby Editor Flying Solo
    #1234421
    ash_o
    Participant
    • Total posts: 3
    Up
    1
    ::

    Hi Cec!
    They are in the health insurance sector, I would have access to financial records, accounts and future business strategies so sensitive information.

    I have reached out to some cyber IT companies, I’m just waiting to hear back. Any guidance would be great!

    Thanks

    #1234562
    Rhonwyn
    Participant
    • Total posts: 6
    Up
    2
    ::

    Hi Ash,
    Cyber Security Requirements for this means ensuring you have excellent digital and human protection set up for your business. You can follow the guidelines set out in ISO27001 if you want to dive deep.
    Otherwise the basics are:
    – Passphrases or equally complicated/strong passwords are used, and changed regularly (using a password vault like OnePass or LastPass also)
    – Multifactor authentication used on your programs
    – VPN where possible
    – Automatic updates (or patches) on all of your programs and computer operating system
    – Windows Defender max settings or another strong Digital protection program like Trend Micro running.
    – Automatic backups of all of your data (off site if possible)
    – Access control protocols (e.g. ensuring no 3rd parties have access to your data, and ceasing any access to people who leave the business)
    – Cyber Incident Response plan and/or checklist (in case you are attacked)
    – Regular training for all staff, especially remote workers, to follow all the security processes

    Given the access, you likely would need to sign a Non-Disclosure Agreement and pass a Criminal History Check, and there may be some other specific things they need from you to satisfy their risk management items.

    I hope that helps you.
    I have a Cyber Security firm so please reach out if you need more help 🙂 There are more advanced programs and protocols you can set up.
    Cheers
    Rhonwyn

    #1234761
    ash_o
    Participant
    • Total posts: 3
    Up
    0
    ::

    Excellent, thanks for the detailed response Rhonwyn. Are you able to advise how I could get certified to make it easier to demonstrate to clients?
    Thanks
    Ashley
