IT security is often in danger of being one of those things that only the IT department cares about — often seen by the C-suite as simply a cost to the business that doesn’t add to revenue streams. With regard to internal security, for example, more than half of IT professionals believe that their senior management does not take enough responsibility for employee training, security policies or technology implementations to mitigate the insider threat.
The threat that employees pose is one of the most potentially dangerous to a business. It doesn’t matter how good your network perimeter defenses, firewalls, antivirus software and threat-detection software are; if your employees fall for phishing scams, share passwords or still have access to company files once they’ve left, you’re wide open to attack.
Which isn’t to say that insider threat is not addressable, or that protecting company data is the only reason internal security is important. In this slideshow, IS Decisions CEO François Amigorena explains why C-level executives should care more about IT security and, in particular, the insider threat.
IT Security Goes Beyond Keeping Your Company Safe
Click through for more on why C-level executives should care more about IT security and, in particular, the insider threat, as identified by IS Decisions CEO François Amigorena.
Closing the Deal
IT security can help you close deals.
An anonymous IT pro once confided in Amigorena that his company was able to secure a major deal worth £300k because the company’s security was tighter than the competition’s. That deal could’ve gone a long way to paying for the company’s IT security, and then some.
Build Trust with Customers
IT security can help you build trust with your customers.
Consumers are taking internal security more seriously these days — something that’s worrying IT pros. Eighty percent of IT professionals in IS Decisions’ research believe that perception of security processes has a big part to play in a customer’s decision on what companies they choose to do business with.
IT security can help you remain competitive.
Over two-thirds of U.S. IT professionals (77 percent) who are without an insider threat program plan to launch one this year, while 56 percent have one already. If you don’t put one in place, you risk having weaker defenses than your competitors, something that can be held against you when pitching for that next big contract.
Mitigate Breaches Potential
IT security can help you mitigate against the smallest of events that lead to severe breaches.
Attacks on Sony, Anthem, eBay, Target and other high-profile breaches in 2014 came as a result of an employee ‘slip up’ like sharing a password. The source of Sony’s high-profile breach was said to have been ex-employees who had continued to have access to the company’s network. The smallest things can lead to the severest of data breaches.
Improve Business Relationships
IT security can help you improve relations with your partners and supply chain.
You’re not always the only one affected when a breach happens — your partners’ and supply chain’s data can also be compromised in an attack. With better internal security, you can keep your partner network intact and maintain relations, and this works both ways — make sure the partners you choose are reliable and secure.
To read more about how and why you should set up an insider threat program, download User Security in 2015: The Future of Insider Threat.