In-depth

Are you spending too much on IT security?

Fed up with enterprises using lack of budget as an excuse for not securing data properly, Davey Winder investigates whether organisations could actually do more with less.

As a company with a reputation for building mission-critical IT systems for the defence and aerospace industries, Thales has an understandable interest in IT security spending.

Which is why I was surprised to find myself reading a report (http://www.thalescyberassurance.com/white-papers.htm) commissioned by the company which suggested businesses may be spending too much on IT security by over-protecting non-sensitive data.

Depending upon your company's appetite for risk" she explains "no data is ever considered as non-sensitive.

Ross Parsell, director of cyber strategy at Thales UK, warns that, while the volume and scale of cyber-attacks show no signs of slowing down, there is a danger that resources are sometimes assigned to areas that do not need them.

This idea that IT departments might be spending too much on the wrong things got me thinking: could the average enterprise do better, and be more secure, while spending less?

Paying out

A great deal of the overspend argument depends on what organisations class as 'non-sensitive data', explains Logica's business consulting cyber security lead, Cheryl Martin.

"[In certain companies] No data is ever considered non-sensitive," says Martin. "Cyber criminals earn their keep from obtaining and reselling the most innocuous piece of information which, with careful company grooming, could be used to pull together an in-depth view of the targeted organisation and individuals".

Featured Resources

The ultimate law enforcement agency guide to going mobile

Best practices for implementing a mobile device program

Free download

The business value of Red Hat OpenShift

Platform cost savings, ROI, and the challenges and opportunities of Red Hat OpenShift

Free download

Managing security and risk across the IT supply chain: A practical approach

Best practices for IT supply chain security

Free download

Digital remote monitoring and dispatch services’ impact on edge computing and data centres

Seven trends redefining remote monitoring and field service dispatch service requirements

Free download

Recommended

Identity Automation launches credential breach monitoring service
phishing

Identity Automation launches credential breach monitoring service

5 Oct 2021
Neiman Marcus data breach hits 4.6 million customers
data breaches

Neiman Marcus data breach hits 4.6 million customers

4 Oct 2021
Malware developers create malformed code signatures to avoid detection
malware

Malware developers create malformed code signatures to avoid detection

24 Sep 2021
Indiana notifies 750,000 after COVID-19 tracing data accessed
data breaches

Indiana notifies 750,000 after COVID-19 tracing data accessed

18 Aug 2021

Most Popular

Apple MacBook Pro 15in vs Dell XPS 15: Clash of the titans
Laptops

Apple MacBook Pro 15in vs Dell XPS 15: Clash of the titans

11 Oct 2021
Best Linux distros 2021
operating systems

Best Linux distros 2021

11 Oct 2021
HPE wins networking contract with Birmingham 2022 Commonwealth Games
Network & Internet

HPE wins networking contract with Birmingham 2022 Commonwealth Games

15 Oct 2021