News & Blogs

News & Blogs

You can see our regular blog on GDPR here

IASME in the Press

SC Congress: 'GDPR is a measure of just how seriously we take data' - SC Magazine, 10th February 2016

The growth of cyber crime: how well is your client data protected? - Lexology, 13th January 2013

The ghost of Windows XP still haunts SMBs - IT PRO, 12th November 2015

Cyber security industry urged to engage with SMEs - Computer Weekly, 11th November 2015

ISSE Berlin: Most SMEs do nothing about cyber-security - SC Magazine, 10th November 2015

Supplier must do more on cyber security, say buyers - Supply Management, 10th November

How to stop cyber-attacks on your organisation - The Guardian, 14th October 2015

Uniting against the threat - BQ Live, 31st August 2015

Essential Protection - CHARTECH, ICAEW March 2015

What the internet of things means for businesses: 10 things we learned - The Guardian, 21st July

How relevant is Cyber Essentials to your business proposition? - SC Magazine, 9th July 2015

The expert's step by step guide to cyber security - The Guardian Small Business Network, 2nd April 2015

Primary School Achieves Cyber Essentials Certification - SC Magazine, 26th March 2015

SMEs and big companies - Friends or Foes? - The Great Business Debates , 25th March 2015

FireEye Achieves Certification Within UK Cyber Essentials Scheme - MarketWatch, 19th January 2015

Malvern Hosts Cyber Training - FT, 30th September 2014

UK's first cyber essentials course to be held at Malvern - Worcester News, 30th September 2014

AIG press release about included cyber liability insurance for small companies - 20th September 2014

Britain's small cyber security firms get £4m boost - 16th September 2014

AIG offers SME protection against "hacktivists" with new cyber product - 15th September 2014

HP Strengthens UK Public Sector Supply Chain with Affordable Cyber Security Accreditation for SMEs - 8th September 2014

Press release about Cyber Essentials success - 16th June 2014

Information assurance certification gives SMEs the edge - 9th May 2013

Computer Weekly European User Awards for Security: Winners - 3rd May 2013

Chloe Smith MP keynote speech at Infosec 2013 - 23rd April 2013

ICT Knowledge Transfer Network - 27th March 2013

My News Desk - 11th March 2013

Financial Times - 25th February 2013

Vigilance Security Magazine - 14th February 2013

Academic Papers

An Analysis of Barriers to Data Security in Small and Medium Sized Enterprises by Daniel Banks, Staffordshire University. Supervisor: Euan Wilson. Final Report for MSc in Professional Computing.

This research paper provides an insight into the reasons given by SMEs why they are reluctant to address cyber security. The findings broadly support claims in the literature that smaller businesses have a more limited approach to data security when compared to their larger counterparts. However, the findings also suggest that there is little relationship between levels of data security and number of business contacts – indicating that well connected SMEs might pose the biggest risk to larger businesses and the national infrastructure.

Based on results from Principal Component Analysis, the key barriers to improved data security in SMEs appeared to focus around the two components of data protection knowledge and risk perception. It is therefore contended that initiatives should focus on improving knowledge and risk assessment capabilities – especially as we approach a new age of mandatory data breach notification.


IASME: Information Security Management Evolution for SMEs: Henson, Richard and Dresner, Daniel and Booth, David (2011) IASME: Information Security Management Evolution for SMEs. In: ATINER 8th Annual International Conference on Small & Mediun Sized Enterprises: Management - Marketing, 1st - 4th August 2011, Athens

Information Assurance and SMEs: Research Findings to inform the development of the IASME model: Richard Henson, Senior Lecturer in Computing and Knowledge Transfer Fellow in Information Security, University of Worcester and David Booth, CESG Senior Consultant (retired).

SMEs, Information Risk Management, and ROI: Henson, Richard and Hallas, Bruce (2009) "SMEs, Information Risk Management, and ROI". In: Athens Institute for Education and Research (ATINER) SMEs Conference 2009, 10th-13th August 2009, Athens, Greece

General Articles of Interest

April 2013

Symantec Report Finds Small Businesses Battered By Cybercrime 

March 2013

HMG to promote cyber security standards. See more information here.

Highlights for the Board - The ICO has now issued very comprehensive advice for organisations using personal devices (BYOD e.g. laptops, tablets, smartphones etc.) in the course of business. The key message is that the data controller must remain in control of the personal data for which he is responsible, regardless of the ownership of the device used to carry out the processing. This means you can be in breach of the Data Protection Act if personal information is compromised while stored on any BYOD personally owned device used by you or your staff (in an email, document or anything else). This makes it particularly necessary to keep firm control of the use of these devices, have a clear policy and ensure all employees follow it.

February 2013

We must all take our Cyber Security seriously - The Observer

Leading Companies Adopt New Security Tools - Computer Weekly