Is your Board taking the security threats seriously or are they as flippant as the gentleman in this cartoon? Many organisations tell us that, in the aftermath of recent high profile breaches, post the immediate knee-jerk short-term fixes, security appears to remain way down in their priority list.
And those organisations that do recognise the gravity of the situation, rather misguidedly believe that there is a direct correlation between investment in technology and their security. The reality is that the leading cause of breaches is a lax approach to security fundamentals. No amount of security investment in the latest, most sophisticated security solutions can eliminate the need for fundamentals like data back-up, patching, network segmentation, security awareness programmes and so on.
Also, organisations need to look at security more holistically, given how increasingly complex the threat landscape is becoming. How can you protect if you don’t know what is at risk? It’s important to understand what the assets are, what risks surround them and then build security, so that even in the event of a breach, the impact is minimal.
A mature approach to security includes people, processes and technology. Building an operational security model around people and processes, with technology layered-in, is a proven approach. Often, organisations have the technology that is required, but lack the skill set in-house to do this approach justice. This is where we can help – we work with may organisations, as part of their internal security team, to establish this kind of an operational model. It allows them to continuously monitor and measure their security capability, facilitating incremental changes to mitigate the impact of a potential breach. We are at the end of a phone line – +44 (0)845 519 2946 – or get in touch via firstname.lastname@example.org. We’d be happy to talk through your needs and suggest measures that are right for your business.