Interested to hear what SMEs are doing in the UK to up their game in the IT security field. Given the fast pace of change in the cyber landscape, it's no longer enough to have a laid-back attitude towards security (unless you know what you're doing in the first place!). Who's thinking about their cyber exposure? Anyone going to do Cyber Essentials, or already done it? Is anyone thinking about ISO 27001 or an alternative? What is your Disaster Recovery process?