top of page

Meet our Trusted Partner - Starswift Information Security


Our Trusted Partners are an integral part of the ECRC, being able to accredit cyber essentials. But here is a little more information about the people behind the partner.

Profile picture of Rob Lancaster - Director of Starswift Information Security
Rob Lancaster - Director

Tell me who you are and what you do within Starswift Information Security?

Rob Lancaster, director of StarSwift Information Security. I run a small Information Security Consultancy. We are also a Cyber Essentials Certification Body.


How did you get into cyber resilience?

I moved into Cyber Security a number of years ago following a transition from a variety of Information Technology and Service Management roles.


What’s the best thing about working at Starswift?

Being a small company I have more flexibility in terms of the type of work and clients I work with. The flexibility and diversity of engagements is definitely a highlight.


What size companies do you work with?

I prefer working with small to medium sized companies. Generally those with smaller budgets for both IT and Cyber Security. There’s still much that can be achieved with smaller budgets and resource levels!


What do you see small/medium companies struggling with in terms of cyber resilience?

I see many smaller companies struggling to look beyond the standard technical controls such as endpoint protection with less focus on administrative and physical controls that also contribute to overall cyber security hygiene and good practice. There is much that can be achieved at little or no cost that can improve security posture. It’s just knowing what can be done and how to implement it.


Why should companies get Cyber Essentials accreditation?

Cyber Essentials is an excellent starting point. Many companies are already in a position where they could certify for Cyber Essentials. In other cases, the Cyber Essentials self-assessment can be a good guide to where remediation or improvements can be made that could lead to Cyber Essentials certification at a later date.


What three tips would you give a company with little knowledge of cyber resilience?

Firstly, assess where you are now and where there might be some gaps. From there, determine where you want to be and where improvements can be made. Plan to implement those improvements and in what timeframe. Finally, make use of some free and readily available resources such as the National Cyber Security Centre “Information For…”, “Advice and Guidance” and “10 Steps to Cyber Security” publications. SANS (sans.org) also has some very good free resources to assist companies.


Do you order starters or desserts?

I definitely have a sweet tooth but I’d probably go with Starters!


Suppose you have been given an elephant and you can’t give it away or sell it. What would you do with it?

Assuming it’s not living in the house with myself, the wife and the dogs… I’d establish an elephant enclosure (somewhere), and try to use the Elephant to promote animal welfare and raise money for charity. * This clearly needs more thought and planning … but that’s the first thoughts on the matter.

Starswift Information Security Logo

Comentarios


The contents of this website are provided for general information only and are not intended to replace specific professional advice relevant to your situation. The intention of The Cyber Resilience Centre for the East is to encourage cyber resilience by raising issues and disseminating information on the experiences and initiatives of others. Articles on the website cannot by their nature be comprehensive and may not reflect most recent legislation, practice, or application to your circumstances. The Cyber Resilience Centre for the East provides affordable services and Trusted Partners if you need specific support. For specific questions please contact us.

The Cyber Resilience Centre for the East does not accept any responsibility for any loss which may arise from reliance on information or materials published on this document. The Cyber Resilience Centre for the East is not responsible for the content of external internet sites that link to this site or which are linked from it.

bottom of page