Ensuring the security of your business systems and the privacy of your business and customers data is a critical part of being a responsible business and ensuring trust from all stakeholders.
Loss of data can cause significant business disruption and a breach of data can result in fines and damage to your customers as well as your reputation in the market. With the increasing variety and sophistication of cyber threats, your systems need to be reviewed constantly and kept up to date with the latest preventative measures.
The dedicated team that looks after our systems and data at Irwin Mitchell can provide you with an assessment of your cyber security to better understand any risks and provide simple easy to implement recommendations to better protect your business. Our specialist GDPR experts are also on hand to advise on data usage and the regulations that need to be complied with to ensure you avoid any issues.
How Can We Help?
All businesses are at risk.
Criminals are interested in making money from anyone who is willing to pay out.
Common perception is that cyberattacks are complex, difficult-to-stop operations. The reality is that most attacks stem from a lack of basic security best practices. E.g. good passwords and identifying phishing attempts.
Stolen passwords are by far the most common way enterprise accounts and data get compromised.
Even attacks by nation-state actors typically rely on simple tactics like password sprays, which capitalise on employees using weak passwords.
- We set up a meeting to understand the complexity and size of your organisations system and infrastructure to be audited.
- We will guide and support the completion of an electronic questionnaire to provide key information.
- Our team will review the questionnaire and in consultation with multi-disciplinary experts, will identify the areas that should be addressed and prioritised.
- We provide a detailed formal report with a full assessment and recommendations. The recommendation will highlight simple key steps for your organisation, even with limited internal know-how, to better protect your systems and data from potential business risks and breach implications.
- We can deliver the results of this audit electronically or as part of a live session.
We use the key cyber hygiene controls that mitigate the majority of the risk. We will undertake an in depth assessment of your infrastructure and systems, using:
- 10 cyber risk areas
- 66 hard hitting controls
- An assessment of the business cyber risk profile and digital footprint
The process is based on a protocol already used in Irwin Mitchell and aims to give small to medium size businesses and start ups a practical means to understand your current situation and give you tools to better protect your business.
- We have over 85 years collective experience in cyber security.
- Our multi-disciplinary team of experts have qualifications covering; CISSP, SSCP, ComTIA Security+ (CSIS), CySA+, Azure AZ-900, computer network security, CISM, ISO27001 Lead Auditor, GDPR , C|CISO, CRISC.
- We’re trusted experts who already run this for Irwin Mitchell which has highly sensitive data.
- We use this process at Irwin Mitchell to advise our own supplier risk, and mergers & acquisition decisions.
- We work with the UK government's regional cyber security resilience teams to engage and educate e.g. Greater Manchester Police.
- Our audit is accessible and cost-effective. It’s designed to give small and medium businesses direction and peace of mind. The process is simple and the measures are easy to implement.
- We’re supported by a team of lawyers who can advise on GDPR and related regulations and requirements.
Pricing will be depend on the size, complexity and shape of the organisation and system to be audited. Infrastructure, hosted vs onsite, the number of sites, software, hardware etc. will also contribute to the final cost estimate.
Pricing will start at around £2000 for a basic audit but will depend on complexity of infrastructure and systems.
Certain organisations may qualify for a fixed fee audit.
Our Work In Cyber Security
“The results were a real insight into the cyber loopholes in my business which I had thought was pretty sound. The actions needed to correct the position were clearly laid out and easy to understand. Would definitely recommend for peace of mind.”
CEO and founder of a UK law firm | Cyber audit client
I’m a strong supporter of ESG and doing the right thing and in particular, I’m a passionate advocate for cybersecurity.
I place a high value on prioritising the ethical and responsible practices of businesses. As well as it being critical to help protect the environment, it’s also never been more important to have strong corporate governance in place. This includes taking steps to understand your real-world risk profile and ensuring your business is resilient. My approach to business reflects a commitment to these moral values, as well as a personal desire to make a positive impact to the planet and its inhabitants.View Graham's profile
Sustainability in business is about making a difference beyond short-term interests to build a better and fairer world for people and the planet with our finite level of resources. It doesn’t mean that business should not generate profit (far from it) but it’s long term value generation that will make the difference and comes from taking responsibility and having shared purpose at the centre.
When asked why this is important and urgent it brings to mind a quote from a film favourite - "There's a storm coming… batten down the hatches, because when it hits, you're all gonna wonder how you ever thought you could live so large and leave so little for the rest of us."View Hannah's Profile
For all ESG enquiries, please contact Graham Thomson, Chief Information Security Officer, by phone or email.
Our specialist sports lawyers have in-depth knowledge of the sports sector, many of them coming from sporting clubs and organisations themselves. They bring this passion and experience to a broad spectrum of ESG related services tailored to this industry, from corporate governance and compliance to environmental planning of a new stadium to awareness training on Diversity and Inclusion. For more information visit our Sport Sector ESG page.
The manufacturing sector is at the forefront of both the challenges and opportunities of building a sustainable business. From energy and emissions and waste management to responsible sourcing and large diverse workforces and work environments, our multi-disciplinary team of experts can help with achieving both the short-term wins and long-term goals. For more information visit our Manufacturing Sector ESG page.
Whether you are a developer, investor or occupier, there are significant considerations to ensure that properties are built and operated efficiently and responsibly. Our expert legal teams can advise across multiple real estate sectors to assist you in complying with regulations and managing the environmental and social impact of any property or development. From implementing of green leases and issuing of environmental permits to sophisticated environmental planning expertise, the team can guide you to achieve your ESG goals. For more information visit our Real Estate Sector ESG page.
Consumer facing and retail businesses are often in the spotlight when it comes to being responsible businesses. Fair labour practices, hyper consumerism and waste, safe working environments, packaging and marketing claims are all in a day’s work for these businesses. Our diverse team of consumer and retail specialists can advise on how to anticipate and plan for ESG considerations in this fast-moving environment to protect your business and ensure sustainable growth. For more information visit our Consumer Sector ESG page.