Stop talking about security, Start talking about digital trust

July 3, 2018 Ant Newman

Let’s be honest: most businesses think that IT security is a bit of a tax. You know you have to pay for it (especially when compliance is involved) but you certainly don’t relish the prospect. Security drains budget from other initiatives and it gets in the way of people doing their jobs.

(And for SMBs in particular, there’s often the mistaken belief that they don’t need to invest in security, because attackers mostly go after big enterprise targets).

Sorry to say, but that attitude has to change. Here’s the truth:

1) Security does add value.

If you’re thinking of security as a tax, or even as a purchase made purely to stop bad things happening, you’re missing the point. Think about all the things you can do when you’re confident in your security:

  • You can partner and share data with other organisations, knowing that your privacy policies are enforced, and that they can trust you
  • You can enable your employees to work from anywhere and take confidential project information with them, knowing that sensitive data is protected.
  • You can experiment with IoT, public cloud and other transformative technologies that can help your business innovate, knowing that it won’t compromise your safety.

In other words, security doesn’t have to be a barrier to getting work done; it’s actually a key enabler of the digital transformation that you’re engaged in. It’s a currency of trust.

2) Security is something you do, not just something you buy.

Great, so security adds value… let’s buy some, then?

Hold on a minute. Security technologies — firewalls, email scanners, antivirus and antimalware, etc — are of course important to protecting your business. But security is not a problem you can just throw money at and rely on technology to solve.

Every study shows that it’s people and process that account for the majority of security vulnerabilities, whether it’s social engineering attacks or poorly configured networks.

To put it another way, the vast majority of cybersecurity risks facing your business could be mitigated simply with some basic cybersecurity training for staff, and basic process enforcement such as using hardened configurations and making sure IT devices are regularly patched.

3) You have options

But who is going to be building your policies, configuring those technologies, training your workforce? If you’ve tried to recruit for a security expert recently, you’ll know that they’re in short supply, and they command a salary premium that you may not be able to stomach.

Don’t worry, you are not alone — and you have options. Whether it’s training up your existing IT teams to increase their cybersecurity expertise, or bringing in project-based support or managed services providers, there are ways to get the headcount and skills you need.

Learn more

We’ve worked with IT analysts Ovum to research how businesses today perceive security, what the future holds, and how to do it right — including what you can do to tackle the talent gap. Check out the report here for key insights and data points.

 
 
 

About the Author

Ant Newman

Ant has been writing about the intersection of business and technology for nearly 15 years, working at companies large and small: from five-person marketing agencies to enterprises like Gartner and Cisco.

Follow on Linkedin More Content by Ant Newman
Previous Article
Stop: Collaborate and listen
Stop: Collaborate and listen

Collaboration tools like video and messaging are critical to workforce productivity. Make sure your project...

Next Article
Secure growth needs intelligent cyber security
Secure growth needs intelligent cyber security

Get the report - the latest Cyber Security trends

Get the report