Global Information Risk
Management Recruitment

How businesses invest in cyber security

Filed under: Features — Jonathan on September 30, 2013

Cybercrime is a persistent threat to businesses and organisations of all types around the world. Apart from the sheer inconvenience and embarrassment caused by malware attacks, hacking, identity theft, and other problems, the impact of cybercrime has significant cost implications. The UK Federation of Small Businesses recently reported that cybercrime costs UK businesses some £785m per year, or some £3,750 per small business. On a more global scale, a recent report by McAfee and the Centre for Strategic and International Studies calculates that the world’s economy loses around £500bn per year to cybercrime and digital espionage.

It is worth bearing in mind that the short-term financial impact on companies of a serious cyber-attack is only one part of the equation. There is also the impact on reputation. If a company gets known for being vulnerable when it comes to, say, protecting confidential customer data, then this could have dire long-term consequences.

This global impact, both in terms of cost and public relations, is certainly enough to make many owners of businesses, large and small, take stock and consider the best ways to plug the gaps. One of the most effective defences against cybercrime is to prevent it happening in the first place. This does, however, require some shrewd investment by CEOs and SEOs in various components of cyber security. Those in charge of the money need to do a cost/benefit analysis during which they weigh up any expenditure on information security against the financial and reputational costs of a major breach.

Putting people first

When it comes to divvying up an IT security budget, it might be best to start with people. When the chips are down, it is skilled, knowledgeable, expert human beings who can provide the best defences against security breaches. While an experienced Chief Information Security Officer (CISO) may cost in the region of £70,000 per year in wages, that person could save a company many times that amount of money in lost income in the event of a security disaster. The CISO may well need a team of technical experts in roles lower down the company hierarchy, but, there again, having a network security manager in place who can configure, and update as required, the company’s firewall will be well worth that person’s salary. The right IT security team will also ensure international standards in information security are met on a continuing basis. This, in turn, will maintain shareholder and investor confidence.

Getting systems in order

Meanwhile, any sound IT security infrastructure needs the most up-to-date, responsive, secure and powerful hardware in place to cope with such issues as denial of service attacks. Skimping on hardware is no way to maintain a secure working environment.

Training is a top priority

Finally, a wise CEO will consider apportioning some cyber security spend to security training: training not just for the in-house security managers, but also for non-technical employees. Communicating good security practice to all relevant staff should be one of the key planks of any IT security strategy.


Acumin © 2006-12