With IT budgets under pressure to
transform and improve multiple areas of
an organisation and business leaders
needing to demonstrate return on every
investment, the onus has long been on
IT security to prove its worth. But proving
ROI has traditionally been a struggle for
IT professionals, who need to balance
budget limitations while staying ahead of
the dynamic threat landscape. To help
businesses measure their IT security
spend against that of similar organisations,
Kaspersky Lab has updated its Kaspersky
IT Security Calculator.
The calculator, which is based on
research into cybersecurity investment
within a cross-section of different-sized
businesses in a range of sectors
and regions, enables IT security
professionals to benchmark their
cybersecurity strategy against others in
similar circumstances.
Based on data from 6,687 business
respondents worldwide, the calculator
allows users to input information about
their business size, region, industry and
IT security spend.
It then tells them how they measure
up compared to industry averages –
providing transparency into the security
measures taken by other similar
businesses, the major threat vectors they
encounter, how much money they have
lost as a result and what can be done to
avoid being compromised in this way.
Maxim Frolov, VP of Global Sales,
Kaspersky Lab, said: “We hope that
this tool will bring IT professionals
the insight they need, to get their
required investment and to protect their
businesses from the latest and most
damaging threats.”
How can CISOs plan their
security strategies on a budget?
Alain Penel, Regional Vice President –
Middle East, Fortinet
www.intelligentciso.com | Issue 04
Serving as CISO for an enterprise isn’t
an easy undertaking. The following
are eight recommendations that can
help lay the groundwork for a long and
successful tenure on a budget:
1. Map the attack surface: Digital
transformation includes technology
trends such as cloud adoption, the
Internet of Things (IoT) and mobile
user connectivity that have erased
the traditional network perimeter,
exposing enterprise environments
to unanticipated risks. Given these
trends, developing a comprehensive
understanding of your attack surface
is a critical starting point for every
new CISO.
2. Understand compliance
requirements: Understanding the
full range of security standards
and mandates that bear on an
organisation is nearly as important
as knowing its vulnerabilities.
CISOs need to get a quick lay of
the land when it comes to what
needs to be tracked and reported
upon. Compliance can be used as
a strategic business enabler, or it
can become a headwind that thwarts
business acceleration.
3. Identify the known and unknown:
The threat landscape is rapidly
evolving and changing in ways that
make it impossible to predict and
prepare for. Cybercrime is being
commoditised with the growth of
Ransomware-as-a-Service and
Malware-as-a-Service as successful
criminal commercial markets.
Integrated sandboxing and real-time
threat intelligence sharing between
each of the security elements