Guide to Sound Practices for Cyber Security 2.0
Published: 10 July 2017
This Guide (version 2.0) published in July 2017 is the fourth iteration of the Guide (first published in October 2015). Among other things the update includes further discussion around vendor due diligence, cloud service considerations, red teaming, risk transfer and insurance, penetration testing, scanning and patching discussion, incident response plan, two factor authentication, a full revision of the nature and scope of cyber threats which presents the reader with real life examples of hacks, an illustrative case of how the U.S and Europe are changing their approach to cyber security, and a general update to the elements of an effect cyber security programme. Please check back periodically for future updates to the Guide.