, ,

Cyber security on a shoestring: maximizing your ROI

With nearly a third of companies now falling victim to cyber-attacks, organizations know they need to invest in adequate defenses. But they don’t always have a big budget to do this. The good news is there are several options for businesses that need to be efficient and make the most of what they already have. Here, we consider how businesses can guard against the risk of cybersecurity threats without breaking the bank.

Maximizing cyber security ROI

Creating a robust cyber strategy for the unique needs of your business is vital to ensure you are focusing your attention on what’s most significant. You should start by identifying the purpose and goals of your organization.

For example, if you are a food manufacturer, your purpose may be to supply supermarkets with pre-packaged sandwiches, and your goal is to produce 200,000 packages per day. If that processing facility was to go offline for one day due to an attack, what would be the impact of failing to produce those sandwiches be? This might include a revenue loss of £100,000 per day, reputational damage, legal fees and the potential for retailers to exercise contract break clauses.

By imagining your worst day, you can start to get a clearer picture of what systems are critical to business operations and what downtime you can afford. This will help you to identify where investment and resources are most needed.

Protecting your key assets

The next step is to understand if the defenses you have in place currently can adequately protect critical systems, networks and data. To really put this to the test, consider using an internal or external security team to attack those systems then record what happens. You’ll want to know:

  • How you identified the attacks?
  • What contained or eradicated the attacks?
  • What was the response / aftermath?

This exercise can reveal your strengths and weaknesses, when it comes to the technologies, people and processes you have in place to protect the business.

Technologies – Learnings from these types of exercises nearly always reveals ways to optimize existing tools and technologies and operate more efficiently. For example, you may discover you have duplicate tools and there is an opportunity to cancel contracts and reinvest. In addition, there may be underutilized native security settings you could be taking greater advantage of – such as a built-in email filter to protect against spam and phishing emails.

You may find software updates and patches are not up-to-date. This is easy win to prevent vulnerabilities as many of these can be automated, such as with the best patch management software. It may also be that configuration improvements can help fill any gaps or weaknesses you may have identified.

People – Implementing measures that encourages staff to adopt a ‘zero trust’ mindset will help to minimizes the chance of an attack being successful. There are several low-cost activities businesses can take to create this strong security culture.

Much like you would review the tools and technologies in your organization, it is well worth spending time to review what skills exist within the security and IT teams, as well as the wider business. Are there opportunities to spread knowledge and cross train staff? Knowhow can be shared in many ways. This may be through lunch and learn events or more formal training and simulations. This does not need to be expensive. There are also a number of free resources available including Dracoeye which can be used by teams to search and identify any security threats.

In addition to training, organizations need to focus on creating a culture where staff are encouraged to report suspicious activity without fear of “getting it wrong.” To aid this, consider using a dedicated portal where staff can share any issues and where anything immediately dangerous can be escalated. The worst scenario is where staff are too afraid to say anything. You want people to feel they are in an environment where they can speak up without fear or repercussion.

Processes – Finally, it’s important to look at the processes and solutions you have in place if the worst should happen. This is all about planning. It’s about knowing how each part of the business will keep functioning until a clean-up can be carried out. Do you understand what your legal obligations are in terms of informing customers? Depending on the nature of the breach, you may also need to inform authorities, such as the Information Commissioner’s Office (ICO) if based in the UK. Staff will always feel better if they know there is a playbook and a plan for each scenario.

By following these steps, businesses can make more of what they have and identify opportunities to redistribute budgets and make immediate savings. The biggest victory however is having an effective cyber strategy that the businesses is confident in. This will vastly reduce the risk of financial and reputable damage and allow the business to continue to deliver on its goals.

We’ve rated the best Zero Trust Network Access Solutions.

This article was produced as part of TechRadarPro’s Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

https://www.techradar.com/pro/cyber-security-on-a-shoestring-maximizing-your-roi


Leave a Reply

Your email address will not be published. Required fields are marked *

January 2025
M T W T F S S
 12345
6789101112
13141516171819
20212223242526
2728293031  

About Us

Welcome to encircle News! We are a cutting-edge technology news company that is dedicated to bringing you the latest and greatest in everything tech. From automobiles to drones, software to hardware, we’ve got you covered.

At encircle News, we believe that technology is more than just a tool, it’s a way of life. And we’re here to help you stay on top of all the latest trends and developments in this ever-evolving field. We know that technology is constantly changing, and that can be overwhelming, but we’re here to make it easy for you to keep up.

We’re a team of tech enthusiasts who are passionate about everything tech and love to share our knowledge with others. We believe that technology should be accessible to everyone, and we’re here to make sure it is. Our mission is to provide you with fun, engaging, and informative content that helps you to understand and embrace the latest technologies.

From the newest cars on the road to the latest drones taking to the skies, we’ve got you covered. We also dive deep into the world of software and hardware, bringing you the latest updates on everything from operating systems to processors.

So whether you’re a tech enthusiast, a business professional, or just someone who wants to stay up-to-date on the latest advancements in technology, encircle News is the place for you. Join us on this exciting journey and be a part of shaping the future.

Podcasts

TWiT 1013: Calamari in Crisis – Touching the Sun, Fake Spotify Artists, Banished Words This Week in Tech (Audio)

Touching the Sun, Fake Spotify Artists, Banished Words AI Needs So Much Power, It's Making Yours Worse How many billions Big Tech spent on AI data centers in 2024 NASA Spacecraft 'Touches Sun' In Defining Moment For Humankind Elon Musk Calls Out NASA's Moon Ambitions: 'We're Going Straight to Mars' Elon Musk and the right's war on Wikipedia Trump Asks Supreme Court to Pause Law Threatening TikTok Ban US Treasury says Chinese hackers stole documents in 'major incident' Judge blocks parts of California bid to protect kids from social media Finland probes Russian shadow fleet oil tanker after cable-cutting incident US appeals court blocks Biden administration effort to restore net-neutrality rules The Ghosts in the Machine (fake spotify artists) Massive VW Data Leak Exposed 800,000 EV Owners' Movements, From Homes To Brothels Banished Words | Lake Superior State University 2025 Public Domain Day 2025 Happy Birthday, Bitcoin! The top cryptocurrency is old enough to drive End of the lines? QR-style codes could replace barcodes 'within two years' Host: Leo Laporte Guests: Richard Campbell, Anthony Ha, and Stacey Higginbotham Download or subscribe to This Week in Tech at https://twit.tv/shows/this-week-in-tech Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit Sponsors: ZipRecruiter.com/Twit joindeleteme.com/twit promo code TWIT canary.tools/twit – use code: TWIT zscaler.com/security
  1. TWiT 1013: Calamari in Crisis – Touching the Sun, Fake Spotify Artists, Banished Words
  2. TWiT 1012: Our Best Of 2024 – The Best Moments From TWiT's 2024
  3. TWiT 1011: The Year in Review – A Look at the Top Stories of 2024
  4. TWiT 1010: The Densest State in the US – TikTok Ban, Drones Over Jersey, GM Quits Robotaxis
  5. TWiT 1009: Andy Giveth & Bill Taketh Away – Trump's Tech Titans, Crypto Boom, TikTok's US Ban, Intel CEO Exits