Strategy should include a security assessment

July 2003 News & Events

Many businesses respond to increased information security threats by shoring up their perimeter defences. Implementing tools that serve a very specific purpose is part of the solution, but smart organisations are waking up to the need to implement a strategy that also includes security assessment.

In fact, says Anthony Southgate, general manager: Security Solutions at Dimension Data, one of the biggest issues surrounding information security investment is the fact that many senior managers simply do not recognise or understand the threat to their business. It is difficult to quantify the actual threat or calculate the ROI of any project.

"Before approving any budget plans, management therefore needs to understand the real impact of a breach on their security systems. It is also critical to be able to discern the fact from the fiction in terms of security mythology," he adds. According to Southgate, companies need to establish what degree of risk is acceptable.

55% of organisations surveyed already use security assessments as part of their ongoing strategy; 60% of the remainder intend to do so in the near future.

However, the costs of a security breach cannot always be easily quantified. Damage to reputation and brand can often be as detrimental as the physical harm done to an organisation's systems. It is vital that CEOs and senior management understand just what it means for their organisation if breaches occur. It is therefore important that organisations use regular benchmarks to help them understand their risk exposure and how this compares to their competitors.

A recently commissioned Di-Data survey revealed that while many were still focusing on products to provide protection, a significant number of organisations indicated that they wanted to move toward investing in security consultation and managed security. Of those organisations that confirmed further investment, 89% intend to allocate budget to security consultation and 62% to a managed security strategy.

"This clearly indicates a move away from creating a defence against every eventuality, toward adopting a more pro-active strategy on what to do should an attack occur," says Southgate.

"By focusing less on eliminating all risks, and more on developing a strategy for how to deal with attack, organisations will be able to benefit from a pragmatic approach to security that does not negatively impact their ability to innovate."

For more information contact Bronwyn Goeller, Dimension Data, 011 575 0000.





Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Highest increase in global cyberattacks in two years
Information Security News & Events
Check Point Global Research released new data on Q2 2024 cyber-attack trends, noting a 30% global increase in Q2 2024, with Africa experiencing the highest average weekly per organisation.

Read more...
From the editor's desk: Showtime for Securex
Technews Publishing News & Events
We have once again reached the time of year when the security industry focuses on Securex. This issue includes a short preview, with more coming online and via our special Securex Preview news briefs. ...

Read more...
Chubbsafes celebrates 190 years
Gunnebo Safe Storage Africa News & Events Security Services & Risk Management
Chubbsafes marks its 190th anniversary in 2025 and as a highlight of the anniversary celebrations it is launching the Chubbsafes 1835, a limited edition 190th-anniversary collector’s safe.

Read more...
Suprema unveils BioStar Air
Suprema neaMetrics News & Events Access Control & Identity Management Infrastructure
Suprema launches BioStar Air, the first cloud-based access control platform designed to natively support biometric authentication and feature true zero-on-premise architecture. BioStar Air simplifies deployment and scales effortlessly to secure SMBs, multi-branch companies, and mixed-use buildings.

Read more...
New law enforcement request portal
News & Events Security Services & Risk Management
inDrive launches law enforcement request portal in South Africa to support safety investigations. New portal allows authorised South African law enforcement officials to securely request user data related to safety incidents.

Read more...
Igniting standards, powering protection
Securex South Africa News & Events Fire & Safety
Fire safety is more than compliance, it is a critical commitment to protecting lives, assets, and infrastructure. At Firexpo 2025, taking place from 3 to 5 June at Gallagher Convention Centre, that commitment takes centre stage.

Read more...
The rise of AI-powered cybercrime and defence
Information Security News & Events AI & Data Analytics
Check Point Software Technologies launched its inaugural AI Security Report, offering an in-depth exploration of how cybercriminals are weaponising artificial intelligence (AI), alongside strategic insights defenders need to stay ahead.

Read more...
From the editor's desk: We’ve only just begun
Technews Publishing News & Events
The surveillance market has expanded far beyond the analogue days of just recording and/or monitoring screens. The capabilities of surveillance technology today extend to black screen monitoring with ...

Read more...
SAFPS issues SAPS impersonation scam warning
News & Events Security Services & Risk Management
The Southern African Fraud Prevention Service (SAFPS) is warning the public against a scam in which scammers pose as members of the South African Police Service (SAPS) and trick and intimidate individuals into handing over personal and financial information.

Read more...
Strong industry ties set Securex South Africa apart
News & Events Training & Education
Securex South Africa, co-located with A-OSH EXPO, Facilities Management Expo, and Firexpo, is a meeting place of minds, where leading security, safety, fire, and facilities professionals come together, backed by strong ties with the industry’s most influential bodies.

Read more...