Technology not enough

September 2010 Security Services & Risk Management

Risk mitigation requires an integrated security strategy.

Business today, including those in the financial sector, face such a broad range of security risks that only an integrated approach to risk management can guarantee the integrity of corporate data and transactions.

Unfortunately, while the theory of an integrated approach is fairly simple to understand, putting the security pieces in place can be a cumbersome process.

Part of the complexity of an integrated approach to security is that there is no definite point from which to expect an attack. Criminal forces external to a company are more sophisticated than ever and have access to powerful tools and devious techniques to gain entry even to a seemingly secure infrastructure.

But external forces are not the main threat facing companies.

“The greatest threat facing companies in the 21st century comes from within and the financial services arena is no different,” says Hedley Hurwitz, managing director of Magix Integration. “Over 60% of data loss and fraud are committed from the inside by employees one is inclined to trust.

“What this means is that a company can not reduce its risk exposure by buying the latest and greatest security product. Effective risk management requires an integrated approach to discovering, mitigating and then monitoring risks via a comprehensive security strategy.”

The process he recommends for the financial services industry is to start with a company-wide vulnerability audit. This audit will quickly determine in which areas the company is at immediate risk. Fast resolution of these problems will allow the organisation to continue operating in relative safety while moving on to the next step, which involves doing a more in-depth analysis of its business processes and operating methodologies.

The next step is to assess the broader environment the company operates in and the additional external risks to be managed.

Collating the data collected from the above steps provides the organisation with its full risk profile. With this profile in mind, the organisation is able to accurately determine the optimal security strategy to follow.

“Of course there is no such thing as a 100% secure company,” notes Hurwitz. “A good security strategy is a balance between the organisation’s need to be invulnerable and its operational require-ments to provide access to anything at any time.”

“The key to an effective security strategy is to take an integrated approach.” An integrated approach empowers the business to make rational and effective decisions that will secure what needs to be secured without hampering the continued operation of the business.”

For more information contact Magix Integration, +27 (0)11 258 4442, [email protected]





Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Local manufacturing is still on the rise
Hissco Editor's Choice News & Events Security Services & Risk Management
HISSCO International, Africa's largest manufacturer of security X-ray products, has recently secured a multi-continental contract to supply over 55 baggage X-ray screening systems in 10 countries.

Read more...
Detecting humans within vehicles without opening the doors
Flow Systems News & Events Security Services & Risk Management
Flow Systems has introduced its new product, which detects humans trying to hide within a vehicle, truck, or container. Vehicles will be searched once they have stopped before one of Flow Systems' access control boom barriers.

Read more...
A standards-based, app approach to risk assessments
Security Services & Risk Management News & Events
[Sponsored] Risk-IO is web-based and designed to consolidate and guide risk managers through the whole risk process. In this article, SMART Security Solutions asks Zulu Consulting to tell us more about Risk-IO and how it came to be.

Read more...
Cybercriminals embracing AI
Information Security Security Services & Risk Management
Organisations of all sizes are exploring how artificial intelligence (AI) and generative AI, in particular, can benefit their businesses. While they are still figuring out how best to use AI, cybercriminals have fully embraced it.

Read more...
Integrate digital solutions to reduce carbon footprint
Facilities & Building Management Security Services & Risk Management
As increasing emphasis is placed on the global drive towards net zero carbon emissions, virtually every industry is being challenged to lower its carbon footprint and adopt sustainable practices.

Read more...
Visualise and mitigate cyber risks
Security Services & Risk Management
SecurityHQ announced its risk and incident management capabilities for the SHQ response platform. The SHQ Response Platform acts as the emergency room, and the risk centre provides the wellness hub for all cyber security monitoring and actions.

Read more...
Eighty percent of fraud fighters expect to deploy GenAI by 2025
Security Services & Risk Management
A global survey of anti-fraud pros by the ACFE and SAS reveals incredible GenAI enthusiasm, according to the latest anti-fraud tech study by the Association of Certified Fraud Examiners (ACFE) and SAS, but past benchmarking studies suggest a more challenging reality.

Read more...
Deception technology crucial to unmasking data theft
Information Security Security Services & Risk Management
The ‘silent theft’ of data is an increasingly prevalent cyber threat to businesses, driving the ongoing leakage of personal information in the public domain through undetected attacks that cannot even be policed by data privacy legislation.

Read more...
Data security and privacy in global mobility
Security Services & Risk Management Information Security
Data security and privacy in today’s interconnected world is of paramount importance. In the realm of global mobility, where individuals and organisations traverse borders for various reasons, safeguarding sensitive information becomes an even more critical imperative.

Read more...
Proactive strategies against payment fraud
Financial (Industry) Security Services & Risk Management
Amid a spate of high-profile payment fraud cases in South Africa, the need for robust fraud payment prevention measures has never been more apparent, says Ryan Mer, CEO of eftsure Africa.

Read more...