|
Information exodus: when layoffs mean data leakage |
|
|
|
|
| Written by Neil Sutton, on Tue-September-2009 |
Page 3 of 4
According to the Rotman-Telus study companies that applied business
metrics to IT security effectiveness increased its perceived value for
47 per cent — that can have a dramatic impact on raising the profile of
security in an organization and may help secure more dollars for
security when budget time rolls around.
Measurement is also important for companies that choose to outsource
their security needs. Outsourcing has remained constant during the
recession, but companies should become experts in their own security
needs before turning over the reins to an outside party, says Lefort.
“If you want to delegate something to someone else, you should probably
know how to do it yourself.”
Measuring the effectiveness of an outsourcing partner is key, he says,
and companies that do handle security outsourcing diligently are likely
to experience a smaller number of breaches. According to the study, 60
per cent of companies polled said they are willing to outsource
security operations.
Education and strong leadership may be the most important factors when
it comes to maintaining security, according to Cisco Systems director
and senior advisor for corporate security programs, Christopher Burgess.
Burgess says his company is “blessed” to have a leader like John
Chambers, the company’s chairman and CEO, because he places such a high
value on security. “If you don’t have leadership, you will encounter
the equivalent of pushing a noodle up Mount Everest with your nose.”
Every person from Chambers down to entry level is responsible for the
organization’s security, says Burgess, and must agree to abide by the
company’s code of business conduct.
|
