Are you spending too much on IT security?

Fed up with enterprises using lack of budget as an excuse for not securing data properly, Davey Winder investigates whether organisations could actually do more with less.

"The European Commission's latest Data Protection Directive calls for mandatory data breach disclosure notifications," states Brewer. "That would require organisations to reveal when a breach occurs and exactly what data has been jeopardised."

When news of a data breach breaks, the sensitivity of the data concerned could prove inconsequential as far as the company bottom line is concerned.

The latest Symantec 'UK Cost of a Data Breach' report suggests that the average cost to a UK business has risen by 68% over the past five years, with the average cost per capita of a data breach now standing at a whopping 79 per record.

Perhaps the data sensitivity issue is a red herring. But, does this mean we should dismiss Thale's assertion that security budgets are being badly allocated? David Harley, senior research fellow at security vendor ESET, doesn't think so.

"[It is]highly probable that some businesses are overspending on security by over-engineering the defence of low-priority attack surfaces and relying on overpriced and under-performing panaceas du jour," Harley told IT Pro .

This is where the need for vendor-neutral security audits comes in. Something the Information Security Forum (ISF), along with several other industry watchers, reckon could become a mandatory requirement for the enterprise in the years to come.

"The issue then becomes how the organisation selects the most appropriate technology and vendor to meet their demands," says Logica's Martin.

Featured Resources

Consumer choice and the payment experience

A software provider's guide to getting, growing, and keeping customers

Download now

Prevent fraud and phishing attacks with DMARC

How to use domain-based message authentication, reporting, and conformance for email security

Download now

Business in the new economy landscape

How we coped with 2020 and looking ahead to a brighter 2021

Download now

How to increase cyber resilience within your organisation

Cyber resilience for dummies

Download now

Recommended

Nigerian cyber criminals target Texas unemployment system
cyber security

Nigerian cyber criminals target Texas unemployment system

27 May 2021
Hackers use open source Microsoft dev platform to deliver trojans
Security

Hackers use open source Microsoft dev platform to deliver trojans

14 May 2021
HackBoss malware is using Telegram to steal cryptocurrency from other hackers
cryptocurrencies

HackBoss malware is using Telegram to steal cryptocurrency from other hackers

16 Apr 2021
Splunk debuts a new suite of cloud security solutions
Security

Splunk debuts a new suite of cloud security solutions

22 Jun 2021

Most Popular

How to find RAM speed, size and type
Laptops

How to find RAM speed, size and type

16 Jun 2021
What is HTTP error 400 and how do you fix it?
Network & Internet

What is HTTP error 400 and how do you fix it?

16 Jun 2021
Ten-year-old iOS 4 recreated as an iPhone app
iOS

Ten-year-old iOS 4 recreated as an iPhone app

10 Jun 2021