A recipe for results oriented cyber security
Cyber Security is complicated and can be prohibitively expensive. A dozen years ago, Cyber was a footnote on most corporate ledgers, but today it is a significant corporate cost, and often a topic of discussion at executive board meetings.
Many corporate strategies have focused on building depth and breadth in their ‘in house’ cyber security teams. The challenges associated with the changing threat landscape and diversity of products make this approach effective only for the few large ‘deep pocket’ companies and not well suited for small and medium business.
Small and medium businesses need to adopt a different strategy. It is undeniable that every company must demonstrate a level of maturity when it comes to protecting their digital assets but hiring employees is not necessarily an effective or economical method of achieving the desired outcomes.
In corporate cyber security, the teams that see the most success are the those that focus on supporting the business and not on building a cyber security empire. Hiring specialists may be more expensive on an hourly basis, but if used strategically, these hired guns should:
a) accomplish the objective faster – and then go away, or;
b) accomplish an objective that would otherwise be unattainable – and then go away.
This model often results in cost savings while delivering specific solutions unique to the client. It allows the organization to develop core capabilities inside the company and focus on the holistic challenges for Cyber, while streamlining prioritization and risk management challenges and freeing up resources to address specific shorter term objectives and priorities.
An analogy that helps demonstrate the strategy is health care. The General Practitioner provides the holistic view to patient care, but relies on specialists for heart, brain , internal organs, bones etc….
Results oriented organizations rely on specialists to help them develop Cyber Security services and products. They rely on their in-house cyber teams for the holistic view and to deliver products and services that ensure the integrity of their organization.
The cost effectiveness of this approach to using specialists becomes apparent as companies diversify in their technology footprint. No one can be expected to be an expert in everything.
The challenge is of course finding the right balance the with leadership that demonstrates vision and a plan. At Indominus, we can help build a strategy that supports an effective in-house cyber capabilities supported by a team of subject matter experts able to meet the ever changing requirements through these challenging times.