Here’s some good news for you: more businesses are taking IT and security risks seriously.
Security is no longer a topic that’s relegated to IT departments or individual staff members. A survey of UK organisations by risk management specialists NTT Com Security found that 56% of respondents discuss security and risk either routinely or frequently at board level.
The IT fear factor
However, as businesses become more aware of potential security risks, it seems a fear factor may be kicking in. The same survey found that concerns over information security and risk have stopped a project or business idea progressing in nearly half (49%) of organisations surveyed.
So, how do you monitor and manage the risks your company faces, without becoming paralysed? After all, if you paid attention to every online horror story then you’d probably shut up shop and find a nice, non-internet business to run, instead.
Get to grips with your security
There’s a strong argument to say that companies with the best handle on their security are the ones that see it as an opportunity.
Being proactive, identifying and managing risks and taking steps early can actually give you an advantage in the market. For instance, clients and customers like it when they know they can trust you to keep them safe.
But proactive security isn’t something many businesses do well. Only 1 in 5 organisations surveyed said they base their security spending on risks they’ve actually assessed.
The rest, presumably, take a range of basic security precautions and then react to other problems as they occur.
Proactive security is best
Neal Lillywhite, SVP Northern Europe at NTT, says that although businesses are aware they should take a proactive approach to managing risks, most don’t yet put this into practice:
“While the majority see a benefit to having a proactive approach when assessing the risk of information assets, the fact that still only a fifth base their spending on assessed risk shows there is plenty of room for improvement.”
If your business is one of the 4 in 5 that doesn’t do a good job of assessing the risks it faces, it’s probably time to start. And as there’s no time like the present, why not find out how to perform an IT security risk assessment right now?
- How to plan your IT security
- Five mistakes you may be making with your IT security
- Action list: secure your IT system