vi logo

Welcome to 'Security and Risk Blog' for Small and Medium-sized Organisations - otherwise known as SaRB for SMO's or SaRB for Small Organisations.

As the name suggests, this is a Blog about security and risk for small organisations to learn and explore more about the security risks and threats facing their organisations. Regardless of your lack of knowledge and experience we can guide you through to achieving secure outcomes for your organisation. 

Here are some of our Blog articles:

Why would anyone be interested in cyber security, especially in a small or medium-sized organisation? The reality is that no one is particularly ...
Many Small Organisations will use a vast host of online and offline services where they are required to login to prove who they are. That process...
Get started with your Organisation's Security Programme! The hardest part of anything is often getting started, whether it is a personal fitness ...
Today's enterprise customers are more attuned with risk and security and because of that they want to work with suppliers which take security ser...
For small organisations to keep large enterprise customers they must make sure that their supply chain is secure, consistent and not affected neg...
As web development has matured so to have the applications and interfaces of websites and the browsers used to view and access them. The fact tha...
People read or hear about breaches in the press on a regular basis, and website breaches are one of the largest categories of breaches that take ...
  Social media has grown over the last fifteen years from being something you used occasionally to being something that some people rely on t...
Small and medium-sized organisations sometimes have issues which result in a thinking that they should monitor what employees are doing. These is...
In many previous episodes, we’ve mentioned Cyber Essentials Certification as a way of demonstrating a certain level of cyber security controls. B...
An Organisation’s Internet Gateways (mainly routers and firewalls) are usually packaged in with modems as single devices and enable access to the...
All your operating systems, apps, software and services you use must be configured correctly to protect you from attacks. Secure Configuration of...
Introduction Small business owners and employees often mistakenly assume that hackers won’t be interested in a small business, because they don’...
Patching software has been an irritant for users and administrators as it can taken hours to complete. Implementing patches is very important to ...
Attackers often get access to systems through weak account management practices, Cyber Essentials deals with this by ensuring that organisations ...
When attackers attempt to compromise systems, they often try to do it by loading some sort of malware code onto your device, Cyber Essentials dea...
The final stage of the Cyber Essentials process is to submit your questionnaire responses for assessment. Here we explore some of the things orga...
For a majority of small organisations, security policies will make a big difference when something goes wrong. Security policies can not only set...
For Small Organisations and individual users it is often difficult to know what they should be doing, and when they find out and start doing it, ...
The Covid-19 pandemic in 2020 accelerated the need for all organisations to consider remote or home working in ways that nothing else before it h...


Topics we cover & How we Help

Managing Security Risks

Identifying threats and risks to organisations

  • Identifying assets specific to small and medium-sized organisations
  • Tools, services and controls small and medium-sized organisations can use: 
    • for protecting their assets
    • to detect whether their organisation is in the process of, or has already been breached
    • to respond to a likely breach or compromise
    • to recover from breaches or compromises
  • Email security issues for organisations
  • Ransomware risks to organisations
  • Network security for small organisations
  • Risks and strategic and tactical approaches to security from a 0 to 10 to 50 employee organisations and beyond.

Free security and risk resources we provide

  • Complete Cyber Essentials Asset Register spreadsheet with: 
    • Computer details
    • Server details
    • Mobile devices 
    • Network devices
    • Printers and scanners
    • Other devices
    • Special bonus includes other Intellectual assets tab not for Cyber Essentials Certification
  • Template policies
  • Checklists
  • Action lists.