Viewing archives for Technology

Cyber Security is a Leadership Challenge

These days perhaps half of all companies face a Cyber Security attack. The usual response is to insist that it’s the IT team’s problem. But in our experience, the buck stops with the CEO. This short video explains how you can quickly educate yourself about Cyber Security and how Freeman Clarke can help.

Visit our Cyber Security knowledge center which includes more content related to this topic.

Freeman Clarke is the largest and most experienced team of part-time (we call it “fractional”) CIOs and CTOs. We work exclusively with ambitious organizations and we frequently help our clients use IT to beat their competition. Contact Us and we’ll be in touch for an informal conversation.

My company is under cyberattack! What do I do?

What to do if and when your company suffers a cyberattack.

You can listen to the other audios in this series here.

Freeman Clarke is the largest and most experienced team of part-time (we call it “fractional”) CIOs and CTOs. We work exclusively with ambitious organizations and we frequently help our clients use IT to beat their competition. Contact Us and we’ll be in touch for an informal conversation.

How do you start a Cyber Security plan?

So many CEOs, however capable, are unsure about how to start a Cyber Security plan. Gerry explains where and how to start.

You can listen to the other audios in this series here.

Freeman Clarke is the largest and most experienced team of part-time (we call it “fractional”) CIOs and CTOs. We work exclusively with ambitious organizations and we frequently help our clients use IT to beat their competition. Contact Us and we’ll be in touch for an informal conversation.

How can a CEO get the sales team focused on Cyber Security?

So many security risks come in through the sales team. Listen to our quick guide to getting the salespeople to take these risks seriously.

You can listen to the other audios in this series here.

Freeman Clarke is the largest and most experienced team of part-time (we call it “fractional”) CIOs and CTOs. We work exclusively with ambitious organizations and we frequently help our clients use IT to beat their competition. Contact Us and we’ll be in touch for an informal conversation.

How to judge your real level of Cyber Security risk

A quick guide to assessing your company’s actual risk of cybercrime, and how to get started on prevention.

You can listen to the other audios in this series here.

Freeman Clarke is the largest and most experienced team of part-time (we call it “fractional”) CIOs and CTOs. We work exclusively with ambitious organizations and we frequently help our clients use IT to beat their competition. Contact Us and we’ll be in touch for an informal conversation.

How to get Cyber Security on the C-suite agenda

Cybercrime is a clear and present danger to mid-market companies. Here’s how to get your executive team to make it a priority.

You can listen to the other audios in this series here.

Freeman Clarke is the largest and most experienced team of part-time (we call it “fractional”) CIOs and CTOs. We work exclusively with ambitious organizations and we frequently help our clients use IT to beat their competition. Contact Us and we’ll be in touch for an informal conversation.

Business after COVID-19: What’s the New Normal?

The COVID-19 pandemic is a historic world event. It is already causing widespread societal and economic change.

Even if lockdowns are relaxed over the coming weeks, we will have to face COVID-19 for many more months.  And new ways to live and work will have become entirely normalized by the time this pandemic is behind us.

It’s reasonable to ask ourselves what these changes may be and what they will mean to our businesses.

Visit our COVID-19 knowledge center, which have more useful content related to this topic.

Freeman Clarke is the largest and most experienced team of part-time (we call it “fractional”) CIOs and CTOs. We work exclusively with ambitious organizations and we frequently help our clients use IT to beat their competition. Contact Us and we’ll be in touch for an informal conversation.

How Tech can help your Food & Beverage business grow

The Food & Beverage sector is experiencing a major surge. The best performers are seeing strong demand and solid cash flows – and a real opportunity to scale up significantly in the coming months.

This can be a permanent change. If they do it right, Food & Beverage companies will see a consistent increase in market profile, profits, and company value.

But it won’t stick unless they get their IT right. If your Food & Beverage company is to grow and thrive, you need to improve IT, systems and digital strategies.

In our experience, there are 5 areas to focus on:

  1. Streamline processes.
    Often this means simply ensuring that existing ERP systems are fully exploited:
    a. Reduce time wasted on manual processes like rekeying and tinkering in Excel
    b. Rollout unused or underused features (you may already have paid for!)
    c. Retrain staff to ensure tech is properly used and processes followed
  2. Reduce product wastage – especially for perishables.
    But maintain quality and quick response to retail demand by:
    a. Improving demand forecasting and business intelligence
    b. Enabling intelligent trend analysis
    c. Efficiently controlling inventory, production, and warehousing processes
    d. Utilising AI and machine-learning where practical
  3. Take an agile approach to online direct-to-customer sales.
    Focus on flexibility and foresight:
    a. Look for simple, low-cost entry points, perhaps based on Amazon as well as your own website, with minimal capital outlay
    b. When cost-effective, integrate to ERP system to minimize rekeying and to provide accurate stock availability
    c. Create a roadmap for warehousing and delivery options as the online business grows
  4. Optimize promotions and ramp up marketing.
    Improve promotion ROI and establish brand with:
    a. Wider use of marketing tools like social media and an email database
    b. Better analysis tools to optimize planning, execution and analysis of promotions (investments in retail price reductions)
    c. Improved integration and sharing between tech and marketing
    d. Well-implemented CRM and data-driven marketing systems
  5. Seize new opportunities.
    Keep testing new products and new markets!
    a. Combine new and existing data to identify capacity and market demands
    b. Combine costs and sales forecasts to model ROI

Our Principals are often asked to help scale up companies in the food and beverage sector, they’ve got the commercial and tech experience to help your company grow. If you’d like to know more about what we do, or even if you just have questions about Food & Beverage and IT, get in touch!

Freeman Clarke is the largest and most experienced team of part-time (we call it “fractional”) CIOs and CTOs. We work exclusively with ambitious organizations and we frequently help our clients use IT to beat their competition. Contact Us and we’ll be in touch for an informal conversation.

How to Stop Worrying About Cyber Security and Compliance: Part II

The second of our two-part report providing busy CEOs with a template for mitigating the stresses and risks of cyber security and compliance. Here is Part I if you missed it.

Previously we discussed why businesses often procrastinate when it comes to cyber security and regulatory compliance. Now it’s time to list how you can mitigate the risks and sleep better at night.

  1. Make a Risks-and-Issues Analysis

Every substantial business should maintain a list of risks and issues, with some analysis of the mitigation options. The board should review this document at least annually, and each risk or issue must be owned by an executive with the expertise and time to manage it.

A certain level of risk is of course inevitable. But you need to know what you have, what’s valuable, and what’s vulnerable. Documenting the risks, and having an open discussion about them, will drive sensible decisions about how to mitigate risk and take action when and if the worst happens.

Even better, it avoids sweeping issues under the carpet. Instead, you can confront the real business risks, identify a proportionate response, and ensure you are looking after the things that matter.

Proper backup plans, disaster recovery, and crisis management plans will flow from these discussions.

  1. Review Your Cyber Insurance

It’s prudent to consider cyber insurance. But not all cyber insurance is created equal. You need to carefully select an appropriate policy and provider.

The first thing to watch out for is if the provider takes the time to understand your risks and requirements. If they don’t, then they’re simply looking to sell you a policy, and you should walk away.

Next, check the exclusions on the policy. Make sure a member of your executive team understands the coverage — most importantly, if it covers ransomware payments, recovery costs, and loss-of-business. Remember that cyber insurance may not give you back money that’s stolen from you; that generally requires crime insurance.

Also, you should learn how claims work with the insurer. If you have to make a claim, will the insurer specify who runs the recovery program? If so, how quickly can this third party mobilize? If the insurer does not stipulate a third party, don’t wait for an incident to evaluate potential suppliers — identify the best one now.

Ensure that your IT is compliant with the policy. The insurer may impose requirements on your IT, and these requirements may be obscure and complicated. Often the CFO signs the insurance policy without communicating the requirements to the IT team. And the IT team may need to document how they meet the requirements, so that the insurer can audit if necessary. Otherwise your policy may be invalid!

Finally, are your suppliers’ contracts clear about their liability? And are they appropriately insured?

  1. Get Behavioral and Awareness Training

The weakest security link in any business is often the people. Some of your staff may struggle to understand the issues or to know what secure behaviors really are. You need to clarify your expectations.

Unfortunately, lots of companies have security protocols that no-one reads. Or perhaps people circumvent the rules with the tacit approval of their managers, who are busy and under pressure to deliver results. For example, if managers are writing passwords on Post-its, or accessing email from insecure home computers, then their subordinates will do the same.

Instead you’ll want to foster a culture of security. For example, is your finance manager empowered to challenge an email that looks like it’s from you calling for an “emergency payment?” How are suppliers’ bank details verified? Is your IT staff empowered to call out poor security practices from senior managers?

We recommend awareness training, which is relatively inexpensive — a few hundred or thousand dollars. A small price to pay compared to the expense of getting hacked!

  1. Follow the NIST Cyber security Framework

For most businesses there is a straightforward route to getting basic security right — adhering to the Cyber security Framework from the National Institute of Standards and Technology (NIST).

The Framework is a voluntary set of “standards, guidelines, and practices to promote the protection of critical infrastructure.” It’s also the result of a collaboration between industry and government, so it’s designed to be flexible and cost-effective.

As with every aspect of cyber security, though, the Framework is ever-changing; make sure you have someone checking it periodically.

  1. Do a Penetration Test

A penetration test is when a third party looks for weaknesses in your website and networks. Most companies can have a full, detailed penetration test for just a few thousand dollars.

This is essential if your website includes custom software or any kind of ecommerce services! Poor technical practices can result in custom software being full of holes. The OWASP top 10 is a list of the standard vulnerabilities that almost all hackers focus on — ensure your penetration test includes checks against this list.

Typically, penetration test findings are divided into high, medium, and low priority. Address all high- and medium-priority issues immediately. Address low-priority issues on a case-by-case basis.

  1. Consider Complying with GDPR

The General Data Protection Regulations came into force in Spring 2018 in the European Union (EU). The rules are in force, with high penalties for breach. Being outside of the EU doesn’t necessarily mean the that GDPR is not your problem: the law applies to any company doing business with EU citizens.

The good news is that for the most part, the compliance measures are sensible and worthwhile. And most businesses can organize an expert assessment of their GDPR compliance for a few thousand dollars.

The recommendations can be complicated, and GDPR compliance can be a long process. So you’ll need to plan the work as a series of projects. Someone at the executive needs to have ownership of it, preferably someone both commercial and sensible in their approach.

You should also check local laws. For example, New York State’s Governor Cuomo recently signed the New York Shield Act, which expanded the notification requirements in the event of a security breach. This law applies to any company with employees in New York State, which, given its size, will have national and even international implications.

  1. Comply with ISO27001

ISO27001 is a more serious information security and management standard. Some companies have this standard imposed on them by corporate or government customers.

Either way, if your business is complex or has specific security requirements then ISO27001 provides you with a means to foster a culture of security. For example, if you manage sensitive data or valuable intellectual property; if you want to demonstrate your credentials to demanding corporate clients; or if you plan for your business to offer important IT services, then ISO27001 gives you a means to embed security into every aspect of your business operations.

This is another standard that requires external assessment. Although it may only cost a few thousand dollars, implementing the necessary changes can be complicated and invasive. But that’s why companies brag about their ISO27001 accreditation — it’s a demanding standard and it means something.

Remember: Secure Companies Are More Efficient and Reliable

Let’s emphasize that the above steps are sensible. They will make your business more secure, so that you can your customers can sleep soundly. And in the event of a problem — because there are always problems — you will have mitigated the damage, and your business will recover more quickly, and you can avoid criticisms or accusations of negligence.

One final point: well-maintained systems and security practices will make your business far more effective, profitable and reliable.

You may like to visit our Knowledge Center, which includes all content related to this topic.

Freeman Clarke is the largest and most experienced team of part-time (we call it “fractional”) IT leaders. We work exclusively with ambitious organizations and we frequently help our clients use IT to beat their competition. Contact Us and we’ll be in touch for an informal conversation.

 

Get real! Big versus small in the age of tech disruption and innovation

Challengers versus incumbents, big versus small — recent years have seen the emergence of countless challenger businesses rising up across a number of sectors, all of them armed with the newest developments in technology, bearing promises of innovation and change but with no certainty they’ll last through the year. Sentiments are strong on both ends—incumbents have lost  touch with what customers really want! Newcomers don’t have the means or experience to make  things happen! Everyone’s promising to shake things up but who will actually deliver and see the  long term results?

You know us by now as the tech trio—Freeman Clarke, Manifesto Growth and Northern Star:  strategy, expertise, and infrastructure, and you know we’ve never been the ones to shy away from a  debate. This recent event we ran was no different. We pitted leaders from challenger and incumbent businesses,  from across different sectors, against each other, giving them a chance to stake their claims.

Watch our video to see more, and for a chance to attend exciting events like this, check back on our events page here.

Freeman Clarke is the largest and most experienced team of part-time, or fractional, IT leaders. We work exclusively with organizations looking to use IT to grow their business. For an informal conversation, contact us and we’ll be in touch.

Subscribe to our Business Insights

Plain English board-level briefings focused on technology strategies to deliver competitive advantage and business success.

* Please enter an email address
newnewsletterrecipient

You can unsubscribe at any time.

Thank you.

You’ll now receive regular expert business insights.

Call us on 0203 020 1864 with any questions.

Graeme Freeman
Co-Founder and Director

Subscribe to our Business Insights

Plain English board-level briefings focused on technology strategies to deliver competitive advantage and business success.

* Please enter an email address
newnewsletterrecipient

You can unsubscribe at any time.

Thank you.

You’ll now receive regular expert business insights.

Call us on 0203 020 1864 with any questions.