Are you spending too much on IT security?

Fed up with enterprises using lack of budget as an excuse for not securing data properly, Davey Winder investigates whether organisations could actually do more with less.

According to Mark Heathcote, practice director at IT services firm Xceed, there are three common causes for IT security budgets being spent on the wrong things:

1. The press. Technologies that are being talked up by the media can result in security budgets being redirected into technologies that address one issue, but do not cover other threats.

All information security budget spend should be driven by quantified risk mitigation.

2. Technologies that the information security team find interesting. Just because our trusted specialist staff says we should be doing something, doesn't necessarily mean budgets should be diverted from elsewhere.

3. Vendor-driven proposals. There are many examples of vendors presenting their solutions to CIOs and being greeted by the reaction, we really should have this'. But, stop and think why this threat was not a consideration before and do not be driven to a solution just because it looks like a good thing to do.

"All information security budget spend should be driven by quantified risk mitigation. Not by vendors, not by the press and not by technical staff," Heathcote concludes. "Follow these principles and you will not only reduce the impact of real world threats on the business, but may also reduce how much you spend on it."

Featured Resources

Next-generation time series: Forecasting for the real world, not the ideal world

Solve time series problems with AI

Free download

The future of productivity

Driving your business forward with Microsoft Office 365

Free download

How to plan for endpoint security against ever-evolving cyber threats

Safeguard your devices, data, and reputation

Free download

A quantitative comparison of UPS monitoring and servicing approaches across edge environments

Effective UPS fleet management

Free download

Recommended

FBI raids Chinese POS business following cyber attack claims
malware

FBI raids Chinese POS business following cyber attack claims

27 Oct 2021
Identity Automation launches credential breach monitoring service
phishing

Identity Automation launches credential breach monitoring service

5 Oct 2021
Neiman Marcus data breach hits 4.6 million customers
data breaches

Neiman Marcus data breach hits 4.6 million customers

4 Oct 2021
Malware developers create malformed code signatures to avoid detection
malware

Malware developers create malformed code signatures to avoid detection

24 Sep 2021

Most Popular

Best Linux distros 2021
operating systems

Best Linux distros 2021

11 Oct 2021
Cryptocurrency: Should you invest?
cryptocurrencies

Cryptocurrency: Should you invest?

27 Oct 2021
Apple MacBook Pro 15in vs Dell XPS 15: Clash of the titans
Laptops

Apple MacBook Pro 15in vs Dell XPS 15: Clash of the titans

11 Oct 2021