Security managers have to face up to risk

Security managers have to face up to the reality of cyber attacks or risk being hit hard when things go wrong according to Dimension Data's security chief

The dream of a silver bullet that solves all the security needs a customer might face might be the stuff of fairy tales but there is a risk that some users are over estimating their ability to fend off attacks and are leaving themselves exposed to risks.

With delivering cyber security a constant work in progress the channel has a responsibility to encourage customers to face up to the need to keep a watchful eye on their ability to fend off attacks.

Research not only indicates that cyber threats are rising but also the potential targets are widening with enterprises, SMEs and down to individuals all prospects for criminals keen to get hold of sensitive information.

As a result of that changing landscape, which is complicated by the growth of staff bringing their own devices, those in the channel selling security find themselves having to keep an eye on a growing number of risks.

Dimension Data’s group general manager of security Neil Campbell said that users needed to accept that bad things were possible and build defences and procedures to deal with the worst should it happen.

"If you don't prepare for incidents then they will hit you very hard. The incident can go on for much longer and causes more damage," he said.

He added that one of the other challenges was to try to get security managers to think about enabling different ways of working rather than trying to lock down data.

"Security is often seen as an inhibitor. Security people think it is too risky and that's a really bad situation. The security team has the time to make sure appropriate controls are built in with minimum risk," he said.

He said it did not increase the cost of a project significantly to have the security carefully thought about at the start of the process and it made sense to try and think of the potential risks rather than trying to cope with them later on or try to apply them to shadow IT that is being brought into the organisation by staff.

Read more on Threat Management Solutions and Services