How can you ensure good security practice within your business? Implementing the appropriate policies and procedures is one of the keys to success – leading tech lawyer Nicola McNeely, HCR’s Head of Technology, will explore this at HCR’s fully funded Cyber Conference.
As the clock ticks down to one of the largest virtual cyber events of the year, here is an exclusive ‘insight from the expert’ on cyber contracts – one of the 25 sessions available from 21-23 September.
Session: The good, the bad, and the ugly – getting your contracts and policies right
21 September, 1:15 – 2:15pm
Getting your technology contracts and cyber-related policies right from the start saves time, money, and stress in the long run. There is a difference between having a draft policy on paper and implementing one in reality. It should involve trial runs, tests, preparation and processes, and should be well-known throughout the business; keeping it in a drawer for doomsday won’t help!
Insights from the expert
Technology contracts are paramount for improving your business’ cyber position; but where do you start? It will help if you are familiar with some of the common questions:
Q, What is the difference between ‘information security’ and ‘cyber security’?
A. These terms are used interchangeably and can be confusing, but there is an important difference:
- Information security is about protecting information (or data) that is found in any form (physical or electronic), focusing on the confidentiality, integrity, and availability of the information
- Cyber security is about protecting networks, devices, programmes and data from being damaged, compromised or attacked
Q, What is the difference between a business continuity plan and disaster recovery plan?
A, These are key aspects of managing cyber security incidents, but it’s important to know how and why they’re different:
- Business continuity focuses on keeping the business operational during a disaster
- Disaster recovery focuses on restoring data access and IT infrastructure after a disaster.
Q, How should I test my policies and plans?
A, Testing is a key element of implementing an effective plan and you can do this via tabletop exercises or simulated scenarios. Irrespective how you do it, you need to test your plan to see how it works and where it can be improved. Testing will also raise awareness of the plan, its purpose and where it can be found.
Hear more on cybersecurity policies, as well as crypto assets, tech business growth, cyber insurance and much more at the three-day event. Book your place now at the fully-funded Cyber Conference: www.hcrlaw.com/event/the-cyber-conference/
Harrison Clark Rickerbys have offices across the UK including : Birmingham | Cambridge | Cardiff | Cheltenham | Hereford | London | Milton Keynes | Northampton | Thames Valley | Worcester | Wye Valley
Follow us on Twitter: @HCRlaw