The days of no funding or insufficient funding being allocated to technology security budgets, to prevent cyber attacks, information compromise and ransom, are long gone. This wasn’t the case several years ago, but with the ever-changing landscape of daily cyber attacks against firms all over the world, companies, boards of directors and CEO’s have had to quickly make the change or face serious consequences.
However, there are still some companies that have not heeded the warning signs and remain slow to adopt this changing mindset.
In a report by PwC for the new Global State of Information Security Survey, published in CIO in October of 2016, fifty-nine percent of 10,000 C-Suite executives polled said they are investing more in cyber security including data analytics, real-time monitoring, authentication tools that include biometrics and managed security services (MSS).
By now companies must realize the serious consequences of not protecting information
Firms such as Yahoo, JPMorgan, Anthem, Target and Home Depot, just to name a few, have all been hacked and faced a wide range of consequences.
The embarrassment of notifying clients that their information was stolen because of careless planning and protection must be at the top of the list. Not to mention the financial and legal implications that companies face due to improper securing of data.
Build a Strong Security Foundation
Companies must look at designating the proper amount of funding towards technology security budgets as they build a strong security foundation for their enterprise. Without that mindset it would be like constructing a high rise building and not properly allocating money toward the structural foundation of the building and ultimately over time the building just collapses just like the enterprise would.
As companies shift to digital technologies, they are investing more money in tools to protect their corporate networks and inviting CISOs to help plan and implement enterprise architecture. This has been achieved by adding responsibility to the chief information security officer’s role. Such as the way Ross Stores did by adding the role of Enterprise Architect to their CISO’s security role. This is a change in the way CISO’s perform their security function.
In the past, CISO’s would simply add security products to what the CIO’s would build and implement, but this can end up being costly, complex and less effective after-the-fact.
This new way of thinking is proactive, putting security at the front of the technology build cycle in every situation, and significant in defending against information loss.
Unlimited Technology Security Budgets
In an article published on Forbes last year, Bank of America CEO said they spent $400 million on cyber security and had no cap on this type of spending in an effort to defend against cyber criminals and protect assets.
J.P. Morgan Chase isn’t far behind, increasing their technology cyber security budget from $250 Million to $500 Million. The leaders of these two large financial services companies understand the complex dangers of cyber criminals, and are taking the proper steps toward securing information.
A British insurance company, Lloyd’s, estimates that cyber attacks cost companies $400 billion every year. Leaders have recognized this and are planning their technology security budgets accordingly. If you are a leader of a company, small to even large scale, and you have not taken the steps to secure your assets and data, you must act now.
There are security products available that can be quickly installed that offer significant benefit against attacks. Otherwise, you put not only your firm’s reputation at risk of a cyber hack but also your customer’s data. Your firm will be forced to send the dreaded letter to all customers notifying them of the event. Most likely, your customer’s won’t be returning.
For more information on how to secure your company's data, download this whitepaper on the importance of unifying your data exchange.
Editor's Note: This post was originally published in December 2016 and has been updated for accuracy and comprehensiveness.