Information Age has partnered with Tech Nation to help explore 20 of the UK’s leading cyber security scaleups.
Tech Nation Cyber is the UK’s first national scaleup programme for the cyber security sector. It is aimed at ambitious tech companies ready for growth.
In a series of 20 company profiles, we will be introducing you to the cyber security scaleups that make up Tech Nation’s first cyber cohort.
2. Alliantist, the company behind ISMS.online
All answers provided by Mark Darby, founder and chief executive at Alliantist
What does your company do?
We help organisations demonstrate they can be trusted for information and cyber security management, meaning they can win more business and retain existing customers.
We do this by equipping them with a cloud-based information security management system with knowledge, tools and services for ISO 27001, NIST cyber security and other compliance, standards and regulation frameworks all built in.
How do you differentiate from your competitors?
We offer an all in one place information security management system (ISMS) delivered securely in the cloud for organisations to show they have control of valuable information.
ISMS.online makes it easier to achieve and maintain recognised standards such as ISO 27001, NIST cyber security and many others, both at a strategic level, down through to staff and supply chain compliance. It is easy to use whether businesses are new to the topic, improvers or experts, and affordable to operate in smaller, medium sized or larger organisations.
Cyber security best practice: Definition, diversity, training, responsibility and technology
What are the common challenges in the cyber security space?
• Common strategic challenges typically revolve around seeing security as a cost, not an investment, as well as forgetting the bigger picture of how spending on cyber security can improve the business performance, not just make it less vulnerable to breaches.
• A great deal of emphasis has gone into the importance of operational data security investments (firewalls, routers, device monitoring etc), but less so the risk management, organisational governance, the overarching controls and human compliance factors that can lead to better business performance overall.
• Powerful customers and key groups are now recognising that broader more strategic approaches to information security management are also critical, which is why the growth of standards like ISO 27001 and NIST cyber security are happening alongside regulations like GDPR and others internationally.
What are the biggest mistakes a company can make regarding security?
1. Thinking cyber security is an IT problem or only applies to fixing external vulnerabilities. It is an important business growth issue that should be led from the leadership level overall and be part of the culture rather than added on to it.
2. Creating an information security management system (ISMS) from a zero base or administering an existing one with shared drives and documents. It is unlikely you’d build your own CRM or accounting system nowadays and now don’t need to do that for an ISMS either. Systems exist — like ISMS.online –which can free up valuable resources to focus on their core competences and get a massive head start on achieving standards like ISO 27001, NIST cyber security etcetera.
Tech Nation’s cyber security cohort: Corax company profile
Provide your best practice advice/top tip for effective cyber security?
• Treat information and cyber security as an opportunity to differentiate yourself to customers and other stakeholders interested in your organisation. Immediately show them that you can be trusted with their valuable information assets.
• They will then entirely concentrate on what your core product & service can do to aid them, rather than worrying about what your business might do to harm them.
Check out ISMS.online and see how your organisation can benefit by showing it is serious about information security management.