Cyber risks: systems and people to the rescue

We all know that cyber crime is rampant, but if you consider that about 80% of companies lack the right skills and competence to protect their IT assets₁, the outlook for achieving cyber security seems dismal.

It seems we are fighting a losing battle, trying to keep up with cyber criminals who outsmart us at every opportunity.

According to Gartner, the global cyber security spend was £40 billion last year, but the number of global breaches are increasing by 20% per year, while the cost of those breaches is increasing by 30%, according to HP₂.

It is clear that organisations need to totally rethink how they prioritise their cyber security investment.

Implementing the right systems and people to detect and analyse suspicious activity can prove effective in preventing a breach or, at worst, to help contain the after-effects of a breach.

Conducting a cyber risk assessment is at the core of any respectable cyber security strategy.  Those who undertake a cyber risk assessment, however, will quickly find that it can be a cumbersome and very slow process without having a solid database management tool.

Risk assessments involve input from numerous departments in order to include all potential risks and information assets that could potentially be exposed.  Furthermore, it is crucial to apply a standardised approach to make sense of the reporting process. It is equally important to keep this data up to date.

vsRisk™ is a cyber security risk assessment tool that is straightforward, quick and easy to use – and can save you a significant amount of time, resources and money.

The tool can be used on a desktop computer or installed on a network server, and comes with an individual or multi-user licence. It allows risk assessors to conduct assessments of the cyber risks across the organisation, regionally or department-wide, following a simple framework with built-in, relevant threats, vulnerabilities and risks.  vsRisk also includes three different control sets, based on international standards ISO27001:2005, ISO27001:2013 and ISO27032:2012, and comes with additional options, such as the ability to apply it to multiple information security management systems.

Without the appropriate investment in cyber security competence and resources, cyber criminals will continue to dominate.  By making smart decisions about the risks that could affect an organisation, and taking a strategic approach to developing the necessary responses, however, the battle is already half-won.

For more information, view the 2 flagship products:

vsRisk Standalone

vsRisk Multi-user

 

Sources:

http://www.esg-global.com/

₂Art Gilliland, HP GM enterprise security – http://www.smh.com.au/it-pro/security-it/billions-spent-on-cyber-security-and-much-of-it-wasted-20140403-zqprb.html