Firms in the Dark about Cyber Security Investment
Many UK organisations are still in the dark about how to approach spending on information security technologies.
Managing director at training and consulting firm Blue Screen IT, Michael Dieroff, said: “Experience has shown that few organisations know how to go about allocating their information security budget.”
A recent study by Thales E-security shows that cyber breaches are increasing despite increased security spending, underlining that security investment decisions are not aligned with actual cyber threats.
Dieroff believes that following a group of principles means that organisations can ensure the effective and relevant use of the IT security budget – possibly reducing spending by buying only what they need.
He said: “If an organisation uses only an ISO certification as a guide for implementing a set of security controls, they run the risk of investing in controls that they are never going to need because they may not be relevant to that particular organisation’s business processes in any way.”
In the past Dieroff has worked with some of the world’s leading private and public organisations, as well as many small and medium-sized enterprises (SMEs) helping them to develop and understand how to strengthen their cyber security strategy and implementation.
Dieroff added: “By looking at the actual risk they have and the threats they are facing, by considering the legislation and regulations they have to comply with, and using security operations analytics, organisations can derive quantified statistics to shape and support the security budget.”Return to internet news headlines
View Internet News Archive