Surprisingly (or not!), many of the organisations I deal with – both mid-sized and larger businesses – do not have a dedicated owner for IT Security. This means that the responsibility can often fall on multiple people within an IT team – or even an audit and risk committee in some cases.
The challenge comes when the “proverbial hits the fan” and that’s often when the finger pointing starts between different folks from the business and IT leaders where security still sits within a portfolio mixed up in a bunch of other services.
We often hear “well we have a firewall”, “we have virus protection”, or “Jim down the hall looks after the email server”. But most of us know that these days, without a pro-active security strategy, any organisation is literally a sitting duck!
Many businesses can’t afford the FTE costs and ‘SOC’ or ‘NOC’ type facilities that perhaps larger corporates and multi-billion dollar institutions may have. And even when a business does have an IT Security individual at hand, it is often the case that these roles can be toothless in terms of access to budget and decision making power. And if the business does get breached they still cop the flack for it.
As a result, we’re seeing an increasing shift towards outsourcing these mundane – but essential – IT security functions to service providers that deliver either a shared or dedicated service. Given how hard it is to firstly find, and then retain security analysts for your business it is little wonder that this is becoming a more attractive option. Added to this, it is far more cost effective to have a dedicated security service provider with its own team capable of hunting down, alerting and responding to security events – very helpful in avoiding your first or next collision with the front pages of the press!
Without help, ensuring effective IT security practices can literally become an impossible mission, especially when you take into account the need to deliver awareness and education for your business and staff, having the right and up to date policies, processes and technology.
So if you’re in this camp and see the same challenges in your world, have a chat to us today and find out how Intalock can help you overcome your own specific IT security challenges.