How valuable is this piece of paper? with Darren Chapman Owner & Principal Security Consultant at CyberScale Ltd

Darren Chapman of CyberScale enjoys a cyber brew with Lee from ALLOWLIST as he looks at what value you can put on certifications such as ISO 27001. Are they just pieces of paper or do they hold real value? Watch now!

How valuable is this piece of paper? with Darren Chapman Owner & Principal Security Consultant at CyberScale Ltd – Bio

Darren Chapman CyberScale

Owner and Principal Security Consultant for CyberScale, providing business owners and senior leaders with clear, balanced, business focused Cyber & Information Security guidance, consultancy and training services.

We provide services both directly and via partners on either a referral or white-label basis.

Certified Information Systems Security Professional (CISSP) and ISO27001 Lead Auditor. Advisory board member for East Midlands and East Cyber Resilience Centres, Director of the Norfolk & Suffolk Cyber Security Cluster.

Cyber Brew is the chatty side of ALLOWLIST – find out more https://allowlist.io/

Transcript

Lee Gilbank – ALLOWLIST

Here we are with Cyber Brew once again

I say once again

I don’t know if this is the first video you are watching.

Today I have to Darren who is the principal consultant and owner at CyberScale

CyberScale are a cyber security company who offer a pragmatic approach to Cyber Security

and offer a range of different workshops

You have a selection of workshops Darren? What are they?

Darren Chapman

Yes we have Lee. Hi by the way 🙂

We have a selection of workshops

We have employee awareness training that is a half day

which companies can send their staff along to

which we make interactive

people in groups

and then we have some more tailored ones.

Our Cyber Security for business leaders

So if you own a business or a in a senior role

and you want to know about security from that perspective

then that one is very valuable

We have ones on frameworks like Cyber Essentials and ISO 27001

to understand them and what you need to do.

There is one for incident response planning as well.

A wide range.

Lee Gilbank – ALLOWLIST

With cyber brew the first question I ask is – do you have a brew?

And what are you drinking?

Darren Chapman

I have a brew but I am not hardcore like you Yorkshire boys

I don’t have Yorkshire Tea

I have Green Tea with Ginger Bread

I don’t know how I feel about that

Very Healthy

Lee Gilbank – ALLOWLIST

The question I want to ask you is

How much is a piece of paper worth?

We are thinking Cyber Essentials, ISO certificates

How can you put a value on these pieces of paper?

How much is it worth?

Darren Chapman

In my consulting style I would say – it depends.

We help with both of those

but we are conscious not to

hang our hat on any one framework or standard

because they have different values for different organisations

Those 2 we just talked about are a good example

A lot of organisations will ask for one of those because they have been asked for it

example, if you work public sector you made need cyber essentials as part of that

If you supply banks or retail then you might need

ISO 27001

There is a commercial value in that

but there is also a value from a security point of view

and that is where there is more of a question around it.

If you are new, or small organisation

Cyber Essentials might be a good place to start for you

It has value to put basics in place

and it is straightforward to get.

As a mature organisation what it gives you might not be a huge benefit

because you are doing those things already.

To move your maturity, ISO might give you more benefit.

Lee Gilbank – ALLOWLIST

There is a big jump between cyber essentials and ISO?

I remember the Gov 10 steps to cyber security

I thought was a fantastic principle

In the middle between the 2

You have different frameworks

Darren Chapman

The bottom line is

what ever you get out of a framework

is directly proportionate to what you put in

and how you approach it

You CAN treat it as a tick box exercise

Like an exam, cramming and learning the things to pass it

but if you learn and concentrate on the reasons they are there in the first place

and gain the knowledge and apply it

That is where you get the benefit.

Apply it you and you will get more benefit.

So how valuable is the piece of paper?

Is based on what you take out of it from doing it, not getting it.

Lee Gilbank – ALLOWLIST

Cool. Thanks for your time Darren.

See you again.

Shopping Cart