How can we help?

What can KanSecurity do for you?











It is in fact more of, what can I do for you?

I've been around the information and cyber security world for >30 years. This doesn't make me an expert.  I am of an age where cynicism, and here we go again has crept in.  Don't let that put you off. If you have an open mind, and prepared for a discussion then that will only lead onto good and positive outcomes

  • I can help with Certification
    • ISO/IEC 27001:2013, including (where letters of compliance are required)
      • ISO/IEC 27017:2015
      • ISO/IEC 27018:2019
      • In fact there are 188 (growing daily it would seem) from ISO, JTC1/SC27 Information security, cybersecurity and privacy protection, most of which I have a working knowledge
    • tScheme profiles, with ETSI and eIDAS (the latter two remain of limited interest post 31 Jan 2020)
    • Cyber Essentials Scheme; my preference is to work with IASME as the Accreditation body, and come April 2020 the only Accreditation body)
  • If you don't won't Certification, I can help in other ways
    • Building a shorted/small information security management system - your own
    • Looking at information and cyber security risk
    • Internal audit to your own policies and procedures (as the criteria), or simply
    • A gap analysis to which area is of concern
    • Building your control framework in response to your risk treatment decisions (not focused on Annex A of ISO/IEC 27001:2013, but your own framework or that of NIST SP 800-53r5 (although still in draft), CIS framework, or following good practice guidance from UK NSCS
  • If you simply want a checkup completed of the security profile of your business or function, service, department - more than happy to pop along.
  • GDPR (EU), DPA2018 (UK GDPR), PECR2003 - I'm not an expert but neither was a bandwagon jumper back in 2016 out to make a fast buck. I've been around the data protection environment from when the EU Directive 95/46/EC was transcribed into the DPA1998. In fact it goes back to the 84 Act when a Computer Bureaux was all the rage. So ask the question, and yes I can help.
  • Training, mentoring, awareness
    • As an Accredited Training Organisation with the BCS, the Chartered Institute for IT, I can provide accredited training:
      • Certificate in Information Security Management Principles (BCS CISMP)
      • Essentials Certificate in A.I.
        • Currently working on Security Architecture (this one is a 'wait-out" scenario for the moment)
    • Cloud Security Alliance CCSK and CCSK Plus
    • Mentoring to CISSP, CISM and CISA
    • Senior Executive briefings on information and cyber security
    • Staff training on information and cyber security to meet your specific context and needs
    • Helping to build your awareness campaigns
And, a lot more besides.  Experience has been across most business sectors and organisations (UK and overseas). For businesses large and small; mature to start-ups. 

Let me know what you need Email me and I will get straight back to you.  


Popular posts from this blog

Black Swans and other things

Image
Back swans and other things. For transparency I’m not an academic. What I enjoy doing is reading academic works, it does not matter what field, with the objective of attempting to answer questions I have related to information and cyber security. Two [of many] questions [the context throughout this blog are businesses, organisations, and information and cyber security] . Why, in the many cases that have been documented, do Chief Information Security Officers [CISO] get shown the door following a major breach of a company network? Whilst CISOs are highlighted, others having a similar role but not called CISOs, are also covered under this question. Why, given the current situation of COVID-19, were many businesses unprepared? The unauthorised attempts at infiltrating a company network, are not outliers [thus not a Black Swan], they happen daily, it is the norm. The evidence, even though prejudiced in itself, is there for all to see. I say that the evidence is prejudiced
Read more

Personal data or PII

Image
PII or not to PII, that is the question PII, or personally identifiable information, is used an awful lot to describe something that within the EU-GDPR, DPA2018 (UK-GDPR) is referred to as, personal data. What is personal data vs PII? Personal data - means any information relating to an identified or identifiable natural person (’data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person (GDPR, Art 4(1)). PII is identified in US law as - information that can be used to distinguish or trace an individual's identity, either alone or when combined with other personal or identifying information that is linked or linkable to a specific individual.  (Offic
Read more

Sleepless nights, and business owners

Image
What keeps the business owner up at night? I am talking about owners of the micro, small, and in some cases medium sized business; those owners who on a daily basis put their heart and soul into building their business and doing all they can to keep it running successfully; making profit; keeping customers happy; employing people etc. The farthest thing from their minds will be information and cyber security.  It could even be suggested that the mere mention of the subject is likely to result in a furrowed brow followed by, this is what I pay the IT Service Provider to look after. It is not surprising then that the evangelist, having worked in the information and cyber security space for many years, comes across disinterest; disregard; and perhaps just a bit of indifference when the subject is raised. That is not meant to insult the business owners, it’s simply a fact of the evangelist's life. For 20 years and more so many thoughts around how to change mind-sets h
Read more