Yulia Cherdantseva
Cardiff University
A best practice guide for SMEs on cyber security investment decision-making
“Board members & executive members, instead of just IT staff, should look over cyber security as a strategic business issue.”
Summary
Nine recommendations for SMEs about cyber security investments:
1. Shift in mindset to perceive cyber security as a Competitive Advantage and a Business Enabler.
2. Educate executives about cyber security.
3. Appoint a cyber security ambassador among executive members.
4. Adopt a risk-based approach to cyber security.
5. Understand the full cost of a cyber security breach.
6. Other important factors to consider: technical support availability, trust in a security vendor, etc.
7. Identify a set of cyber security metrics that fits the company's needs.
8. Get a cyber security certification as it is a valuable marketing asset.
9. Customer requirements drive the strengthening of cyber security.
More about Yulia
Dr Yulia Cherdantseva is a Lecturer at the School of Computer Science & Informatics at Cardiff University. Yulia worked as a lead researcher on the project “Supervisory Control and Data Acquisition Systems Cyber Security Lifecycle (SCADA-CSL)” funded by the Airbus Group Endeavr Wales and the Welsh Assembly Government, where she developed a novel SCADA Cyber Security, Safety and Risk (SCADA CSSR) graphical extension for BPMN 2.0 and a configurable dependency model of a SCADA system. In 2020-2021, she led an NCSC and RISCS funded project about cyber-security decision-making by SMEs, which resulted in the development of the Best Practice Guide for SME in Cyber Security Investment Decision-Making. In 2021, she was awarded an EPSRC grant for developing a framework for risk-informed and metrics-enriched cybersecurity playbooks for enhancing CNI resilience. Yulia is a cyber skills lead at the School and is interested in cybersecurity education from the primary school up to professional development level. Since May 2021, Yulia has been a member of the CyBOK Executive Board. Yulia is passionate about equality and diversity in cybersecurity.