Story image

CompTIA: Navigating the decision-making process of an IT security engagement

12 Apr 17

​Today’s IT environment is ever-changing.

According to industry group, CompTIA, unless businesses can ‘effectively navigate the evaluation, purchase, implementation and ongoing management of security solutions and processes,’ they will be at an increasing risk of security breaches.

CompTIA Channel Dynamics and ANZ community director, Moheb Moses says new technologies such as cloud, mobile and big data are enabling digital organisations that rely on technology to not only support operations, but to also drive business outcomes.

“These outcomes may include improved productivity, increased revenue, service innovation and competitive advantage,” Moses says.

“As a result, systems and data have never been more valuable or at risk of attack. What’s more, the threats are changing daily, making the evaluation and purchase of IT security solutions a complicated and challenging endeavour.”

CompTIA have put together a list of questions for navigating the decision-making process of an IT security engagement, which include:

1. What is the organisation’s IT security risk tolerance?

Back in the day when the majority of a company’s technology was on-premises, any data classified as confidential could be placed behind a firewall. Today to cover all bases is simply too expensive, which is why Moses asserts it’s vital to perform a risk analysis to determine the probability of a risk, estimate the potential impact and determine mitigation strategies.

2. What new tools are available to improve security?

There are many new tools arising every day that businesses should consider when updating IT security. While firewalls may not be a complete solution anymore, Moses affirms they are still a crucial piece of the toolkit. There are also many new tools and technique that business might use as they expand their IT footprint, like data loss prevention, identity and access management and enterprise security intelligence.

3. How is the human element addressed?

At the end of the day, employees still pose a significant threat to IT security. Moses says employees that are not following policy or simply do not have the expertise to notice securiity issues are usually the main cause of breaches. The obvious solution to this problem is educating employees, but companies may need help delivering such training.

4. What is the organisation’s current IT security risk profile?

Moses says one of the best ways to assess this is via a third-party security consultant, as they have both detailed security knowledge as well as real-world experience to help discover which security holes exist in an IT environment and which need patching. If they’re unwilling or unable to invest in an external audit, then Moses says the best alternative is a self-assessment to get an idea of where the company stands on the path to best practices.

Lenovo DCG moves Knight into A/NZ general manager role
Knight will now relocate to Sydney where he will be tasked with managing and growing the company’s data centre business across A/NZ.
Proofpoint launches feature to identify most targeted users
“One of the largest security industry misconceptions is that most cyberattacks target top executives and management.”
McAfee named Leader in Magic Quadrant an eighth time
The company has been once again named as a Leader in the Gartner Magic Quadrant for Security Information and Event Management.
Symantec and Fortinet partner for integration
The partnership will deliver essential security controls across endpoint, network, and cloud environments.
Review: Blue Mic’s Satellite headphones are good but...
Blue Mic’s newest wireless headphones deliver on sound, aesthetic, and comfort - but there is a more insidious issue at hand.
Is Supermicro innocent? 3rd party test finds no malicious hardware
One of the larger scandals within IT circles took place this year with Bloomberg firing shots at Supermicro - now Supermicro is firing back.
IDC: Smartphone shipments ready to stabilise in 2019
IDC expects year-over-year shipment growth of 2.6% in 2019, while the world's largest market is still forecast to be down 8.8% in 2018.
Microsoft NZ bids Goldie a “fond farewell”
Microsoft New Zealand director of commercial and partner business takes new role across the Tasman. The search for his replacement has begun.