IT security spend is too often seen as a grudge purchase by business management. But the fact is – effectively securing enterprise networks is a business imperative, says Networks Unlimited.
Anton Jacobsz, MD of Arbor Networks distributor Networks Unlimited, points out that failing to effectively protect the enterprise networks and data can literally bring a business to its knees. “Besides the obvious compliance issues, effective information security has a range of business benefits – not least of them significant cost savings,” he says.
Jacobsz notes that most enterprise networks have already been compromised in some way, whether the enterprises are aware of it or not. In an environment in which attackers use myriad tools and techniques, with a variety of goals, 100% risk avoidance is virtually impossible, he says.
“The impact on a company when it falls victim to attack can be staggering. In cases where the business model depends on online trading, the losses per minute of site down time are easily measurable and can be huge. Less quantifiable are the costs to companies that do not trade online, but suffer a breach.
“There are costs in terms of recovery – which are usually far higher than the cost of putting an effective security strategy in place to prevent the attack in the first place. In addition, there are potential losses due to fraud, staff and customer confidence and brand reputation. The cost of not doing something is far higher than the cost of implementing a plan,” he says.
Jacobsz highlights an example of a local company which had its system breached, allowing fraudsters to change banking details on a payment due, so diverting funds from the intended recipient. “This is far from an isolated incident, and can cause significant losses,” he says.
However, a study sponsored by Arbor Networks and carried out by the Economist Intelligence Unit, has found remarkably low levels of preparedness among businesses. Only 17% of business executives say they feel fully prepared for a security breach, although three-quarters have suffered a cyber security breach of some kind in the past two years.
A firewall is not enough, Jacobsz points out. “Businesses must have a progressive, multi-layered plan across the entire enterprise, and this strategy has to continually evolve in line with constantly changing threats.”
