Cybersecurity: a quality measure
Companies prefer to spend money on something that yields rather than something that seemingly only costs money. That is unfortunate for two reasons: cyberthreats are not going away and good security can certainly make you money.
No company has ever gone bankrupt because they had their primary processes in order, dealt responsibly with client data or showed that they were compliant. In fact, to be able to put out tenders in the B2B sector your security must be demonstrably in order. This also applies to the consumer market. Consumers lose confidence in the organisation when their data ends up in the public domain. Quality of delivery and proper handling of client data has become a buying motive.
Security Officers and CFOs often do not speak the same language. That is why most security specialists find it difficult to highlight the importance of cybersecurity investments. They tend to use technical jargon when other members of the decision-making unit expect to see a business case using business-economic terms showing opportunities and risks, costs and yields. They need this information to make their decisions and to explain their choices to stockholders and investors.
This Babel-like confusion also occurs when the investments have been approved and the new systems are being implemented. Especially when it concerns technology and measures that effect daily business. People do not like change. If the reason for the change is not explained well or not explained in easily-understood language, people come up with workarounds that can endanger the security.
The CSSO must be well-versed in several areas of business: business economics, change management and security. This is not easy to achieve without advice and support from specialists.
KAHUNA CARRIES OUT RISK AND IMPACT ANALYSES TO SUPPORT INVESTMENT PROPOSALS AND WE HAVE A PROVEN EFFECTIVE APPROACH TO ENSURE SECURITY AWARENESS AND IMPLEMENTATION OF BEHAVIOURAL CHANGE.
- Risk and impact analyses
- Guidance on ISO 27001 certification
- Compliance Services
- Audits & Assessments
- Awareness campaigns