Newsletter & Blog

Cyber Security Can Drive Your Business Forward

So what actually is impeding innovation and efficiency.  Any security strategy that doesn’t offer flexibility will inevitably undermine both of these things.  Organisations need to bake trust into their security strategy to provide the confidence to innovate and operate with efficiency to build growth.

Michael Chanter, COO of Logicalis says, To achieve a balance between trust and innovation, businesses must rethink their approach by weaving security into every part of their digital fabric. Instead of creating a steel fortress around their digital ecosystem, they must have the flexibility to respond to market opportunities, confident that they can intercept and respond to risks in real-time’.

And what he says is absolutely true, but at the level of the average SME, how can that be achieved?  Many SMEs don’t even have a coherent security strategy.  At best they are getting advice from product vendors, often via their local Value Added Reseller (VAR), whose main revenue is made through selling in products with attached services, generally limited to installation and maintenance.  SMEs have never been advised to devise a security strategy, even a simple one.  They have never been advised to adopt a risk management strategy in regard to cyber security, and if they were, they didn’t know how to go about it, or even if it was something they wanted to learn more about.  So where do they start?

A real problem is that they are generally operating with staff that don’t appreciate the value of cyber security, who don’t believe it actually affects them at their level and of course, cyber security expertise is expensive and definitely hard to come by.

First and foremost, cyber security has to be aligned to the business, it has to complement the business, and enable it by securing its processes and therefore its revenue.  Cyber security is about securing those processes and the information of value to the business, recognising that all such information has a monetary value.

In previous articles I have talked about cyber security awareness, risk management processes, risk assessment and introducing controls to the environment to mitigate risks as they have been explored.  You can find these here on this news and blog page. The first step to understanding the issues, to getting to grips with how you protect your business from cyberattacks and scams, is to get the right advice.  If the advice you’re getting leads with products, then you need to re-evaluate who is providing that advice.  Bruce Schneier, a US scientist and cyber security thought leader, based out of Harvard University, says, ‘If you think technology can solve your security problems, then you don’t understand the problems and you don’t understand the technology’.  That is not to say that technology doesn’t have an important part to play, but that it must fit in with an overall strategy that combines People, Process and Technology into a cohesive whole.