Describing information security management most often think of damage which company might occur because of sensitive data theft or fine imposed by the regulator. However, could just only negative effects indicate on necessity of reliable protection? Do business success and information security have causal relationship?
Some time ago, Vodafone Company made a study on information security across eight countries among more than 1,400 companies of different sizes. The results revealed a strong connection between implementation of information security standards and business success. It found that 86% of rapidly growing companies consider information security not just as a means of protecting data, but also as a source of new business opportunities.
The study pointed to a number of benefits that arose between organizations and their customers due to reliable information protection:
Thus, companies that clearly understand the state of business environment (concerning threats of data leak or theft) are divided into those who have already experienced information security incident and those who take measures to prevent or minimize such scenario. Accordingly, security becomes an aspect that positively influences clients – an advert of confidential relations.
However, not all geographic regions have the same attitude to the information threats. Thus, only 55% of Italian companies are concerned about protection, while in the US and Singapore this number reaches up to 73% of respondents.
Meanwhile, organizations which use cloud technologies or Internet of things report impressive results occurred after the introduction of information security technologies, claiming a 24% increase in revenue. They also say that improving safeness of data operations has found a strong response from consumers of their services. In fact, the security has become a part of business agility.
Customer demands and awareness of growing information threats lead to increase in security budgets. 87% of companies expect to increase spendings on cybersecurity in the next three years. 10% of them claim that the budgets will double.
Small businesses are most concerned about data loss, while large organizations are primarily think of regulatory compliance (GDPR). That is not surprising given the size of the fine prescribed, which can shake the company's financial stability.
Naturally, any new technology will require additional funds for its purchase, implementation and maintenance. Organizations will have to introduce a new position of an information security officer or assign additional duties to employees engaged in information support. However, what is the cost of damage from stealing data of 1.5 million people, including prime minister, happened in Singapore some time ago?
The survey has revealed one negative point - lack of information on how to protect company.
41% of decision-makers in the industry sectors don’t know where to find the best help while creating a safety loop. The engineering and construction industry happen to be most uncertain, as 52% of organizations don’t know where to get an advice.
The study also revealed how acute is the problem for small businesses. 60% of companies consider themselves poorly informed about information security.
Lack of information leads to the implementation of technology that does not meet the specifics of the business. As a result, the company will experience only losses from implementation and will have to overcome consequences of security incidents. At the same time, management will be disappointed in the system of protection and will require time along with additional expenses to rethink and change the trend.
It’s common to have overlooked the necessity to protect the organization from internal leaks. However, insiders are capable to cause companies much more serious damage than outside intruders. That’s because employees have access to confidential data.
Falcongaze stands for integrated approach developing DLP technology SecureTower. The system analyzes via its algorithms information that circulates in the organization and blocks transmission and/or notifies the officer of that in case when information is critical and is sent where it is not supposed to.
As we see, improving information security brings new customers, improves relations with old one and enlarges income. However to get these benefits, decision-makers ought to be aware of best technology fitting their busyness, otherwise the losses may be huge.