Battle to keep up with Regulatory environments
At CentricalCyber we love F1 racing and the race on Sunday was crazy, two teams locked in fierce battle on the track, racing hard. A battle that will continue to the end of the season.
As we watched the race, we were struck with the sense of the ongoing battle for regulated entities to keep pace with the continual evolution of Regulatory environments, where just as you feel you have reached clean air and can breathe again, wham, another Regulatory requirement.
Perhaps that is how you felt in Guernsey when the GFSC issued the Cyber Security Rules? We wonder if you can see yourself in one of these reactions when the Rules came out:
- Had a quick glance at the Rules, ignored the Guidance, and put them to one side thinking the requirements were ok, and that you could save it until closer to the time, but still have not quite got round to them;
- Thought ‘wow awesome, these Rules are ideal for my team to get to work with’, and since then your IT or Compliance team has had them on a to-do list but they have not quite been done yet;
- ‘We are part of a Group so I’ll pass to them and we will be fine’, but you have not had the chance to validate their work to provide comfort to your Board that the Rules have been implemented;
- ‘The Rules are for the bigger firms, we are too small and don’t need to worry, our local IT support contract covers everything’, but you have not known how to complete a gap analysis to check their services, your risk management framework and your policies back to the Rules.
They gave businesses a few months to implement the Rules, but if you are not feeling quite as confident as you could be that your regulated business has implemented the Cyber Security Rules do not panic…yet! Although now less than 15 working days until you are due to have implemented the Rules, please get in touch if you would like some urgent help.
CentricalCyber are your local totally independent cyber risk specialists. We know the Rules and would love to help you as much as we can.
We can offer you:
a) a full cyber risk-based gap analysis;
b) a validation gap-analysis service of the work that your Group HQ has undertaken for you;
c) a validation gap-analysis service of the work that your internal team has undertaken.
For each gap-analysis service, we can work with you to swiftly document a remediation roadmap for any gaps identified. We can then assist you, on a risk-based priority basis, with the remediations as far as possible prior to 9th August and then post that date where accepted risks.
On Sunday, Lewis Hamilton had to chase hard with just a few laps to go. Maybe you and your business need to chase hard right now to ensure you have implemented the Cyber Security Rules.
Get in touch with us!