IT security 'should be pitched like other business enablers'

4 June 2015
By James Hayes
Mobile version
Share |
IT security could be treated like other business enablers, such as marketing

IT security could be treated like other business enablers, such as marketing

Enterprise information security chiefs could boost their chances of getting the funding they need by emulating sales and marketing budgeting practices, a security industry expert believes.

Calling on actual and projected performance figures – a technique common to other parts of the enterprise – when profiling IT security's contribution to corporate success would convey a better understanding of the role it plays in safeguarding business operations, according to Sol Cates, chief security officer at security solutions provider Vormetric.

Speaking at the Infosecurity Europe conference in London this week, Cates argued that challenging funding requests by casting IT security mainly as a cost-centre could be overturned by presenting its relevance in the same way as sales staff set financial targets and market share projections, for instance.

“Organisations are increasingly asking, 'Are we seeing a return on our security investments?'” Cates said. “It's actually time that security is viewed as a quantifiable business enabler. IT security is no longer a tax on the business, it's now an enabler of costs savings and competitive advantage.”

One of the ways that enterprise security leaders could communicate their contribution to corporate financial stability would be to model the likely adverse outcomes a data breach would have on an organisation, Cates said: “The IT security function would benefit from being more open and disclosive about the nature of threats that are targeting an organisation and by evaluating how well it can expect to perform protecting assets against those threats going forward”.

He added: “Other enterprise functions routinely present to the rest of the organisation about projected sales, possible risks and market conditions that might affect future performance. IT security activities could be presented in much the same way, highlighting success rates against cyber-attacks and the resulting benefit to the running of the business.”

Security models could classify the risks into tangible and intangible costs, Cates explained. “Tangible costs could be an item of data such as a patient record in the healthcare sector,” he says. “For example, the dark market rate for patient records is about $200 each, so that sets a baseline market value on any stolen data.” Other tangible risk costs could include reputational harm, damage to business relationships and revenue drops due to lost customers.

From a US perspective, intangible costs include class-action lawsuits mounted by affected customers or legal penalties resulting from data security regulatory compliance failures. “Most enterprises use modelling tools to fine-tune future financial performance and such modelling could also help formulate and analyse cyber-security strategy,” Cates said.

“Making enterprise security performance specifics more visible to other parts of an organisation would place it as an integral part of the company structure and also remind all staff that security effectiveness is a shared responsibility.”

Latest Issue

E&T cover image 1605

"We visit Barcelona, one of the smartest cities in the world, to find out what makes it so special. What does it look like and what is the future?"

E&T jobs

  • High Voltage Engineer

    Premium job

    Essex X-Ray & Medical Equipment
    • Great Dunmow, Essex

    This High Voltage Engineer will provide design leadership for high voltage cable assemblies up to one megavolt.

    • Recruiter: Essex X-Ray & Medical Equipment

    Apply for this job

  • Sales Electronics Engineer

    Premium job

    Precision Microdrives
    • London (Greater)
    • £25,000 - £30,000 starting salary, inclusive of on-target commissions.

    Precision Microdrives (PMD) is a fast growing technology company that designs, produces and trades miniature electro-mechanical mechanisms

    • Recruiter: Precision Microdrives

    Apply for this job

  • Senior Development Engineer, Electronics

    Premium job

    Helmet Integrated Systems / Gentex Corporation
    • Letchworth Garden City, Hertfordshire
    • Competitive

    We are innovative, robust and fast growing business, whose main focus is to deliver continues improvement to existing products and offer new soluti...

    • Recruiter: Helmet Integrated Systems / Gentex Corporation

    Apply for this job

  • Analogue Electronics Engineer

    Premium job

    Swedish Institute of Space Physics (IRF)
    • Uppsala (Stad) (SE)

    The Swedish Institute of Space Institute (IRF) in Uppsala search for an analogue electronics engineer.

    • Recruiter: Swedish Institute of Space Physics (IRF)

    Apply for this job

  • Principal Robotic Systems Engineer

    Premium job

    National Oceanographic Centre
    • Southampton, Hampshire
    • £45,271 to £49,207 per annum

    Responsible for technical oversight and project management of internally and externally funded innovation centre projects.

    • Recruiter: National Oceanographic Centre

    Apply for this job

  • Smart Grid Research Engineer

    Premium job

    University of Strathclyde
    • Cumbernauld, Glasgow
    • Grade: 6/7* £26,537 - £37,768*

    Work as part of a growing dynamic team on a wide range of technical projects with particular emphasis on experimental validation and testing

    • Recruiter: University of Strathclyde

    Apply for this job

  • Electrical Engineer - Water

    Premium job

    Mott MacDonald
    • Peterborough, Cambridgeshire

    Mott MacDonald's highly successful Water and Environment Unit is recruiting an electrical engineer....

    • Recruiter: Mott MacDonald

    Apply for this job

  • Electrical Design Engineer

    Premium job

    Mott MacDonald
    • Cambridge, Cambridgeshire

    Mott MacDonald's highly successful water business continues to win and deliver a fantastic amount of work....

    • Recruiter: Mott MacDonald

    Apply for this job

  • Launcher Verication & Validation Lead

    MBDA
    • Bristol
    • Competitive Salary & Benefits

    What’s the opportunity? Opportunity to join a very dynamic, responsive and multinational Launcher team, focussed on rapid development, proving and manufacture to meet challenging programme...

    • Recruiter: MBDA

    Apply for this job

  • Technical Design Authority - Marine Systems (Mechanical)

    BAE Systems
    • Scotland, Glasgow
    • Negotiable

    Technical Design Authority - Marine Systems (Mechanical) Would you like to play an exciting and varied role working with the River Class Batch 2 (RCB2) vessels for the Royal Navy? We currently have a vacancy for a Technical Design Authority - Marine Syste

    • Recruiter: BAE Systems

    Apply for this job

More jobs ▶

Subscribe

Choose the way you would like to access the latest news and developments in your field.

Subscribe to E&T