Improve IT Security Without Breaking The Bank By Beefing Up Governance

It’s good and all to talk about making additional investments in to IT security, but budget is a concern for most organisations. If your company has a tight purse string, there are still ways to improve IT security.

Security image from Shutterstock

IT services firm Accenture, along with the Ponemon Institute, recently conducted a global study on 150 companies over a two year period to observe what businesses with effective security arrangements in place have in common. This was then split out into three components: strategy, technology and governance.

Strategy pertains to making security a top priority, technology involves using the latest tools to safeguard IT assets while governance refers to bringing in processes to strengthen a company’s security posture. While strategy and technology are both likely to require monetary investment, changing up the governance side of IT security is a cost effective option, according to Accenture Asia-Pacific security lead Jean-Marie Abi-Ghanem.

He stressed the importance of having the chief security officer (CSO) reporting directly to the top executives and having control over budget and resourcing when it comes to improving IT security governance in an organisation.

“Having one person who is able to define the security program and have a say on what needs to be done is key,” Abi-Ghanem told Lifehacker Australia

He also noted that organisations need to move away from a reactive, compliance-only approach and focus more on risk management to strengthen IT security.


The Cheapest NBN 50 Plans

Here are the cheapest plans available for Australia’s most popular NBN speed tier.

At Lifehacker, we independently select and write about stuff we love and think you'll like too. We have affiliate and advertising partnerships, which means we may collect a share of sales or other compensation from the links on this page. BTW – prices are accurate and items in stock at the time of posting.

Comments


4 responses to “Improve IT Security Without Breaking The Bank By Beefing Up Governance”