Blog

FUTURE GAZING
How does a CISO budget & plan for 3 years’ time?

19th October 2020

When setting out their budgets for 3 years (in some organisations this can be 5 years or even up to 10), CISOs have a good idea of what to plan for in Year 1; some degree of certainty in Year 2; but as the planning cycle moves into Year 3 and beyond, they have less visibility on where they should be spending their money.
Therefore, CISOs often put ‘placeholders’ in their budgets for Year 3, because if they don’t budget for them, they may see their budgets reduced.

To read our latest whitepaper, which summarises the panel session we hosted over the summer, click here to download.

Supplier Assurance now in the front line against cybercrime

18th August 2020

The Covid-19 pandemic has had a dramatic impact on businesses and their supply chains.

Organisations have had to take important decisions to keep themselves alive, not only in terms of sales revenue and production, but also in making it possible for employees to work remotely where their role allows. Some companies will have been set up for this from a technology standpoint, but for many it will have been a real headache and a rush job to work around whatever technology they could get or had available.

Supplier Assurance – FinTech’s route to well managed regulation

25th July 2020

The bar to entry for becoming an operator in the financial services industry is understandably high, as the industry is necessarily heavily regulated. The UK financial sector has evolved rapidly over the last five years with the growth of fintech businesses looking to drive innovation into the banking industry. As well as developing technology, new entrants must pay great attention to meeting the requirements of the regulators and ensuring that a ‘privacy by design’ approach is taken from the outset. There is a risk that founders might focus all of their energy on developing innovative and cutting-edge technology offerings, to the detriment of meeting the demands of the regulator and broader privacy requirements.

Stuart Jubb, head of consulting at Crossword Cybersecurity, looks at how fintech start-ups can maintain their agility while reducing risk with supplier assurance.

Working from Home Cybersecurity Guidance

26th March 2020

Working from home comes with a range of security risks, but employees need to be educated too – human behaviour is invariably the weakest link in a company’s cybersecurity posture. In the current environment, with many more employees working at home, cybercriminals are actively looking for opportunities to launch phishing attacks and compromise the IT infrastructure of businesses, large and small.

Guidance on Working from Home

All companies should start by reviewing the home working guidance available at the UK Government’s National Cyber Security Centre (NCSC). This resource helps companies prepare their employees and think about the best way to protect their systems. Crossword has been advising a number of its FTSE clients in a range of sectors, and below is a summary of the guidance given, in addition to that from the NCSC.