According to a recent report by Allianz, cyber events remain a top global concern for businesses, reaffirming the critical need for robust security measures. At PDMS we recognise the paramount importance of safeguarding your data and ensuring the security of the software solutions and services we offer.
Further strengthening our commitment to your security, we’ve undertaken several key initiatives aimed at bolstering data and cyber security.
Statistics
There were 2,365 cyberattacks in 2023 with 343,338,964 victims.
2023 saw a 72% increase in data breaches since 2021, which held the previous all-time record.
A data breach costs $4.45 million on average.
Ransomware attack victims rose by 28.17% between 2022 and 2023.
Email is the most common vector for malware, with around 35% of malware delivered via email in 2023.
Source: Forbes - Cybersecurity Stats: Facts And Figures You Should Know.
The Power of Collaboration
Joining forces with the Volaris Group
In December 2023, we joined the Volaris Group, a global buy and hold acquirer of software businesses. This move significantly bolstered our cyber security measures, thanks to the Volaris Group’s comprehensive Digital Security Program, which encompasses policies, standards, procedures, and guidelines governing all data, systems, activities, and assets.
Here’s how these enhancements directly benefit our customers:
Vulnerability Management
This advanced tool automatically gathers operational data from all our devices, including laptops and virtual machines, even those used by remote workers. It provides real-time insights into our security posture, allowing us to assess and understand risks across our entire infrastructure. By pinpointing vulnerabilities, it helps us promptly address any issues, ensuring your data remains secure.
Managed Detection and Response Solution
This is a leading-edge solution recognised by industry experts like Forrester and Gartner for its excellence in endpoint (device) security. By implementing this solution, we proactively detect and prevent breaches and various types of attacks, including malware. This means your data is shielded from potential threats, providing you with peace of mind while using our software development and hosting services.
Cloud Security Platform
This platform acts as a protective shield against online threats while our staff browse the internet. It blocks access to harmful websites and stops malware in its tracks. It ensures the online activities of our staff, including handling your data, are safeguarded, minimising the risk of cyberattacks.
Cyber Security Rating and Risk Monitoring Platform
This solution offers ongoing, automated, and unbiased assessments of our security status and that of our third-party vendors. This means we can continuously monitor and enhance our security measures, ensuring your data remains protected while in our care.
Online Platform for Risk Assessment and Compliance
This platform streamlines risk assessment, management, and compliance processes, ensuring we operate effectively, ethically, and legally. It provides instant access to hundreds of standards, laws, and regulations. It helps us manage supply chain risks, ultimately safeguarding your data and software and ensuring regulatory compliance.
Security Awareness Training
We’ve provided all our staff with access to the largest integrated Security Awareness Training and Simulated Phishing platform. By keeping our staff trained and vigilant, we mitigate the risk of security breaches, ensuring your data and software remain secure from potential threats.
As part of the integration process, we have also undergone a thorough security audit to ensure we meet the Group’s high standards. Whilst our cyber security measures were already robust, joining the Volaris Group has positioned us at the forefront of security excellence.
ISO 27001 Recertification
Elevating Security
Our dedication to security is further demonstrated by our ongoing commitment to the ISO 27001 security standard. Having held this certification for 18 years, we’ve recently transitioned to the latest ISO 27001:2022 standard. This update reflects the evolving threat landscape, with enhancements focusing on data privacy, cyber resilience, and a holistic approach to information security.
To achieve the standard, we are audited by an independent body, Lloyd's Register Quality Assurance (LRQA), one of the leading certification bodies. By aligning with the latest industry standards, we ensure robust controls against sophisticated security risks, reaffirming our dedication to protecting the confidentiality, integrity, and availability of your data.
Cyber Essentials Plus
Strengthening Defences
We’re proud to hold the Cyber Essentials Plus certification, a testament to our commitment to combatting cyber threats. This certification scheme, endorsed by the UK government, helps us to identify vulnerabilities and fortify our IT infrastructure against potential cyber threats.
To meet the updated requirements of Cyber Essentials Plus, we’ve implemented various enhancements, including:
- Standardising the desktop environment across all business units and employees.
- Adhering to the latest Microsoft best practices for identity management and access control.
- Migrating all corporate assets to secure public cloud services.
- Enforcing stricter asset control and policies around Bring Your Own Device (BYOD) compliance.
- Enforcing multi-factor authentication across all corporate services.