|
We’ve all read the stories of millions in lost productivity, ruined reputations and other consequences of poor IT security. But just as photos of diseased lungs don’t deter many smokers, scare talk only goes so far in motivating some businesses to spend more than a minimum on security measures. That’s because companies can see security as a burden, one that doesn’t necessarily contribute to the bottom line.
“Companies tend to look at the direct benefits” while overlooking the business benefits of security measures, says Dr. Barchi Gillai, director of research for the Stanford Global Supply Chain Management Forum at Stanford University.
Since security’s direct benefits consist largely of preventing negative consequences – fines from regulators, lawsuits from customers and partners, or bottom-line losses due to downtime or supply chain disruption – it may be hard to see how good security can advance business goals.
Studies by industry groups and academics are beginning to suggest, however, that security measures can bring positive benefits to businesses.
How much risk is too much?
Before managing your organisation’s IT risks, you have to first know what they are. Risk assessments should always be the first step in the risk management process, but they’re often the most difficult. Experts weigh in with tips for conducting an effective IT risk assessment.
» Read more about security’s business benefits
» Read more about risk assessment
|
 |
|
Printable version
