Alan Calder, CEO of IT Governance
, the cyber security services business, has appeared on The Business Hub Radio Show to discuss the changing cyber security landscape. The whole interview is available as a podcast from The Business Hub
website (Calder’s section starts at around 19.30 minutes in and lasts for about 20 minutes).
Calder highlights the fact that cyber security isn’t just about software. If you don’t know how to deploy anti-malware software you can be wasting your money. The critical components of cyber security are people and process.
Calder said, “Cyber-attacks are happening every day and they are professionally driven. Sadly, most organisations still think that if they deploy an expensive cyber security software solution, they’ll be secure. But they are not and the statistics demonstrate this clearly.”
IT Governance’s recent Boardroom Cyber Watch Survey
found that company bosses see their own employees as the greatest threat to corporate data and computer systems.
Asked during The Business Hub
interview, how organisations can guard against the internal threat Calder said, “It’s not that difficult if you actually think through what type of information people need to access and build up access rights around those type of decisions. You need to identify what the possible risks are. You also need to have methods of monitoring when people are accessing information they shouldn’t see, and when they are copying or exporting large amount of data. These are all things at which companies can arrive at by doing a very basic thing in cyber security called a risk assessment.
“A risk assessment looks at what might happen, works out the probabilities and the impacts and then selects controls to deal with it. It is a classic example of why process and people are the fundamental building blocks of effective cyber security.”
According to UK Government’s statistics 90% of organisations not only suffered a malicious security breach last year, but damagingly found out about it from a third party such as a customer, competitor or supplier. This means that cyber security has never been so important for an organisation’s reputation and financial stance.
IT Governance, unlike vendors that come from a technology background, addresses cyber security from a business perspective. The company offers a mix of services including books, tools, training and consultancy that can help organisations tackle all aspects of cyber security.
More information about IT Governance and its cyber security services can be found at www.itgovernance.co.uk
or by phoning +44 (0)845 070 1750.