CS1707
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
editor's focus<br />
TIME FOR A UNIFIED FRONT<br />
CYBER SECURITY IS RARELY OUT OF THE NEWS THESE DAYS, WITH BUSINESSES AND ORGANISATIONS<br />
EVERYWHERE SEEMINGLY UNDER ATTACK. A SHIFT IN ATTITUDE IS NOW AN IMPERATIVE<br />
Where once it was the bigger boys<br />
who saw themselves as the prime<br />
targets for all-out attacks, that<br />
threat level is now increasingly moving to<br />
medium-sized organisations, who are also<br />
seeing their capital, reputation and<br />
intellectual property challenged by new and<br />
insidious threats.<br />
However, according to IT solutions and<br />
managed services provider (MSP) EACS, while<br />
many IT teams are taking steps to improve<br />
their organisations' security posture, their<br />
efforts are being hampered by an indifference<br />
to the topic within the broader C-suite.<br />
A report by the Economist Intelligence Unit<br />
reveals a disconnect between the C-suite and<br />
IT teams when it comes to prioritising cyber<br />
prevention. Although cyber security ranked<br />
as the number one priority for IT teams, it<br />
languished in ninth place for the C-suite, far<br />
behind things like business growth and new<br />
customer acquisition.<br />
For Kevin Timms, CEO of EACS, cybersecurity<br />
can no longer just be seen as an issue<br />
for the IT department to sort out - senior<br />
management needs to become fluent in<br />
the language of security, if they are to<br />
improve the way that their companies<br />
deal with threats.<br />
"Cyber-attacks are rapidly growing in<br />
both number and severity and, while that<br />
is broadly recognised at all levels of the<br />
organisations we speak to, there's still<br />
a bit of a disconnect in the C-suite and a<br />
lack of responsibility, a gap which seems<br />
to be more distinct in medium-sized<br />
businesses," Timms comments. "It is, of<br />
course, to be expected that the C-suite is<br />
focused on the business growth and to an<br />
extent it is understandable that there's less<br />
focus on cyber-security, because this is<br />
a primary area of focus for IT teams.<br />
"But the fact is that the success of a<br />
business is increasingly contingent on its<br />
ability to protect itself from cyber threats<br />
and maintain the integrity of its data.<br />
The two need to go hand-in-hand and,<br />
without sufficient support at the highest<br />
levels of a business, strong cyber-security<br />
measures will struggle to take hold."<br />
It's also important to remember that IT<br />
security is not just about building a bigger<br />
firewall, but the processes of the company<br />
and a shift in attitude, he adds. "Everyone<br />
within a business needs to think about what<br />
they do on a day-to-day basis to make sure<br />
they behave in a way that is beneficial to the<br />
company as a whole; from the top down and<br />
vice versa."<br />
With the C-suite and IT teams working<br />
collaboratively to understand the full impact<br />
of a cyber-attack on the business and<br />
outlining a full programme for prevention,<br />
there will be a greater recognition of the<br />
potential threats the business faces, Timms<br />
argues. "Businesses need to dedicate time<br />
and resources to the issue, which can be<br />
achieved by enlisting the help of third parties<br />
like managed service providers (MSP). By<br />
partnering with MSPs with the experience<br />
and expertise to deliver a comprehensive<br />
cyber-security programme, the C-suite can<br />
rest assured that their business has room<br />
to grow, while the IT teams can focus on<br />
business development, rather than worrying<br />
about security."<br />
www.computingsecurity.co.uk @CSMagAndAwards July/August 2017 computing security<br />
07