The latest annual Deloitte Information Security and Cybercrime Survey has revealed that digital crime costs Irish organisations an average of 2.7 per cent of their annual turnover. It’s easy to estimate that SMEs could be losing hundreds of thousands of pounds of their turnover, and large organisations could be losing hundreds of millions of pounds to cyber crime. Is this proportion of turnover not better spent on improving security?
Alan Calder, Founder and Executive Chairman of IT Governance, the cyber security services provider, says: “This new survey only shines more light on an already known fact: not investing enough in improving cyber security defences can lead to great financial losses for organisations that become the victim of a data breach. This is the case for Irish companies, but it’s no different for the UK, the US or any other organisations anywhere in the world.
“One thing is obvious: if organisations were to invest in cyber security the same amount of money a data breach would cost them, they’d be winning for a number of reasons: they’ll have better protection of their assets, they are much less likely to suffer a breach at all and they’ll only need to make a big investment once to avoid potentially numerous cyber attacks and breaches.”
In the Boardroom Cyber Watch Survey carried out by IT Governance in May 2013, nearly half of the respondents admitted that they don’t make the right level of investment in information security – or don’t know.
Calder explains why many organisations are facing this problem: “An effective cyber security strategy is one that addresses people, technology and process. Many companies still have a wrong perception of cyber security think that it’s just about expensive anti-malware software. In order to determine how much to spend and in what areas, organisations must start with a comprehensive cyber security risk assessment of all of the above aspects.”
A comprehensive cyber security risk assessment service is being offered by IT Governance, who came up with a 10-step approach based on the UK’s Cyber Security Framework for Business. The IT governance consultants not only assess the ten key risk areas, but they also provide organisations with a tailored, immediately usable action plan. They also work with their clients to close the gaps. More information is available at www.itgovernance.co.uk/cyber-security-risk-assessments-10-steps-to-cyber-security.aspx.
To book a cyber security risk assessment call +44 (0)845 070 1750 or email firstname.lastname@example.org.