By Christopher Camejo, Director of Threat and Vulnerability Analysis, NTT Com Security
When it comes to cybersecurity, IT management in most organizations has heard it all from executives and bean counters — from “no need to worry about it,” and “too expensive” all the way to an unachievable “eliminate every vulnerability.” These attitudes create a budgetary and priority climate that increases the risk of an information security breach, by either failing to provide adequate resources for this important task, unnecessarily expending resources that would be more effective elsewhere, or by not commanding the board-level or senior management-level attention that will empower the IT and security teams to choose the most appropriate actions to support all the organization’s goals, including reducing risks to long-term profitability.
But there is hope — some companies are moving forward with sensible plans that align security measures with real business objectives. These efforts serve as good models for more companies to balance two conflicting objectives; on the one hand, restricting access to information and software to avoid the crippling consequences of a security breach, and on the other, providing extensive access and tools across a distributed workforce so that the firm can quickly and easily make plans and decisions, thereby taking advantage of new business opportunities.
The details of the best security plan for each business vary, but based on extensive research in this area, we’ve found that there are common themes — keys to success — that apply to every organization. These five keys can provide a framework for formulating and implementing an appropriate security infrastructure to meet your specific organizational needs.
Please log in or register below to read the full article.