Welcome to 'Security and Risk Blog' for Small and Medium-sized Organisations - otherwise known as SaRB for SMO's or SaRB for Small Organisations.

As the name suggests, this is a Blog about security and risk for small organisations to learn and explore more about the security risks and threats facing their organisations. Regardless of your lack of knowledge and experience we can guide you through to achieving secure outcomes for your organisation. 

Here are some of our Blog articles:

Effects of cyber security attacks - loss of business Why would anyone be interested in cyber security, especially in a small or medium-sized organ...
Getting caught by malware Malware is used by attackers to enable them to get to you, your data, or other assets. Getting it onto organisations' sy...
Physical Security In this article we explore the importance of physical security to cyber security in small organisations, and how one can affect ...
Biometric Authentication Many Small Organisations will use a vast host of online and offline services where they are required to login to prove wh...
Getting started in cyber security Get started with your Organisation's Security Programme! The hardest part of anything is often getting started, ...
Getting Enterprise Customers Today's enterprise customers are more attuned with risk and security and because of that they want to work with suppl...
Apples and Pears For small organisations to keep large enterprise customers they must make sure that their supply chain is secure, consistent and ...
Safe & Secure Browsing As web development has matured so to have the applications and interfaces of websites and the browsers used to view and...
Web Site Security People read or hear about breaches in the press on a regular basis, and website breaches are one of the largest categories of br...
 Social Media Social media has grown over the last fifteen years from being something you used occasionally to being something that some peop...
Monitoring and Surveillance Small and medium-sized organisations sometimes have issues which result in a thinking that they should monitor what em...
Cyber Essentials 1 In many previous episodes, we’ve mentioned Cyber Essentials Certification as a way of demonstrating a certain level of cyber se...
Great Wall of China An Organisation’s Internet Gateways (mainly routers and firewalls) are usually packaged in with modems as single devices and e...
Security Configuration All your operating systems, apps, software and services you use must be configured correctly to protect you from attacks. S...
Perception of hackers Introduction Small business owners and employees often mistakenly assume that hackers won’t be interested in a small busine...
Replace This Image Patching software has been an irritant for users and administrators as it can taken hours to complete. Implementing patches is ...
User Accounts. Attackers often get access to systems through weak account management practices, Cyber Essentials deals with this by ensuring that ...
Cyber Essentials Malware Protection - When attackers attempt to compromise systems, they often try to do it by loading some sort of malware code ...
Cyber Essentials Submission - The final stage of the Cyber Essentials process is to submit your questionnaire responses for assessment. Here we e...
Cyber Security Policy Discussions For a majority of small organisations, security policies will make a big difference when something goes wrong. S...


Topics we cover & How we Help

Managing Security Risks

Identifying threats and risks to organisations

  • Identifying assets specific to small and medium-sized organisations
  • Tools, services and controls small and medium-sized organisations can use: 
    • for protecting their assets
    • to detect whether their organisation is in the process of, or has already been breached
    • to respond to a likely breach or compromise
    • to recover from breaches or compromises
  • Email security issues for organisations
  • Ransomware risks to organisations
  • Network security for small organisations
  • Risks and strategic and tactical approaches to security from a 0 to 10 to 50 employee organisations and beyond.

Free security and risk resources we provide

  • Complete Cyber Essentials Asset Register spreadsheet with: 
    • Computer details
    • Server details
    • Mobile devices 
    • Network devices
    • Printers and scanners
    • Other devices
    • Special bonus includes other Intellectual assets tab not for Cyber Essentials Certification
  • Template policies
  • Checklists
  • Action lists.