ABC Guides

About the guides

The CIISec ABC Guides are a series that both makes cyber security risks easy to understand for a wider audience and brings you and your business straightforward, actionable steps to secure your organisation.

The guides are free for CIISec members and are produced by industry experts to share knowledge and disseminate cyber security best practice.

If you are a cyber security practitioner, use the guides as a ready-made solution to communicate the importance of cyber security issues and best practice to wider business functions.

For business professionals, who may not be information security specialists, the guides are all you need to understand how you play a role in protecting your organisation against cyber threats.

Supplier Management

This guide focuses on information security in supplier management, and the part that an organisation-wide approach plays in mitigating cyber risk in supplier relationships. The guide sets out:
- The damage that occurs when unchecked cyber risk rears its head in supplier relationships
- The challenges which describe why strong information security management in supplier relationships is complex and often goes wrong
- A basic approach setting out how strong information security disciplines can be reflected at each stage of the procurement cycle in a way that doesn’t derail the business

Executive Board

This guide focuses on how to communicate cyber security risk to the executive board and practical guidance on gaining budget and discussing implications for the wider business.

The guide will set out:
- The journey of cyber security to becoming a main business issue and priority
- The challenges a business faces in the current day
- A basic approach to communicating risk to gain executive board buy-in

Human Resources

This guide focuses on the areas where HR will encounter cyber security, the key issues they need to understand, and how to address them.

The guide sets out:
- The problems that can occur if these key principles are not in place
- The challenges which need to be overcome in order to avoid cyber security risks
- A clear approach and actionable steps to take to increase cyber security risk awareness in HR

Contribute to future guides

Our ABC Guides will continue to help practitioners effectively communicate cyber security to other areas of the business and give actionable steps on improving your business's cyber security maturity.

If there are guides that you would like to see produced, or if you would like to add your experience, knowledge and information to one of our guides, please contact [email protected]

Our Steering Committee

Simon Rycroft - CEO CRMG
Andrew Richardson - Information Security Business Advisor, Tesco Bank
Kevin Streater - Vice President ForgeRock University, ForgeRock
Professor Steven Furnell - Professor of Cyber Security, University of Nottingham
Amanda Finch - CEO, CIISec

Sub group leads:
Supplier Management Lead - Simon Rycroft - CEO, CRMG
Human Resources Lead - Andrew Richardson - Information Security Business Advisor, Tesco Bank
Executive Board Lead - Chris Richards - AWE
Security Culture Lead - Sarah Janes - Owner & CEO, Layer 8
Training & Awareness Lead - Simon Lacey - Principal Information Security Consultant


Tools & resources

As a member you can benefit from a range of tools to supplement our ABC Guides including:

Supplier Management Edition

To coincide with the launch of our ABC guide to supplier management, we are delighted that we have secured the offer of free access for our members to a third party/supplier risk management platform, Rizikon Assurance. CIISec Members can log in to find out more.