Yesterday, Guernsey’s Financial Services Commission (GFSC) released their new document ‘Cyber Security Rules & Guidance, 2021’.
Guernsey’s IT services provider, Resolution IT, has commented on the recommendations.
James Kelsh, Resolution IT’s Head of Information Security said: ‘Much as we were expecting, the GFSC’s Rules are based around the five core principles of Identify, Protect, Detect, Respond and Recover. Within these fall many of the requirements we have been delivering for our clients, including making sure appropriate cyber security software is in place, ensuring all IT systems updates are carried out, formulating the correct cyber security policies and regular employee cyber security training.
“The GFSC’s Cyber Security Rules & Guidance also notes that there is not a ‘one size fits all approach to addressing cyber risks’ and suggests firms consider accreditation or certification from a recognised body, such as Cyber Essentials and Cyber Essentials Plus. As Guernsey’s first recognised Cyber Essentials, Cyber Essentials Plus and IASME certification centre, we regard these certifications as essential elements of a company’s cyber security framework. The GFSC also recognises that their guidance may also be used for non-licensed firms.
“Although the Cyber Security Rules & Guidance, 2021 came into effect today, there is a transition period up until 9 August 2021. Putting the correct cyber security procedures in place takes time so we would urge any businesses who have not yet done so, to read the Guidance.”
