Friday, March 31, 2006

React or prevent, that is the question


A recent report details how some organisations respond to security threats; it seems their response/DR capabilities are far better than their response process. Now forgive me if I am wrong, but shouldn't you be closing the doors while the horse is in there or waiting for it to bolt?
Tactically speaking, and bearing in mind that most incidents these people are referring to are in the past, i.e. worms that do nothing but cause a nuisance are history, if you react to the current threats in this way it is too late: your data is gone, compromised, in the hands of someone you don't trust...


A recent report reveals that more companies would rather spend money cleaning up the aftermath of an attack on their network security than deal with it proactively. The report, from CSO Magazine Security Sensor, states that security education is now only the third most important priority for security chiefs this year, due to the costs associated.

The report also said that business resilience and disaster recovery have replaced security education as the top corporate security priority. Robin Adda, managing director of GTSLearning, thinks companies should be more preventative.

"Maintaining security in business is of paramount concern to all. New threats, such as mobile network worms, are appearing continually," said Adda.

"Every single worker in every kind of organization needs to have a fundamental awareness of security threats and responses and ongoing education is essential for survival. Increasing spend on disaster recovery is just fixing a problem that shouldn't have happened in the first place."

To address GTSLearning's disagreement with the after-approach, the company introduced an online learning library with a range of educational content for employees at various levels. It includes 28 course modules that can lead to IT security certifications. Topics include network security fundamentals, security awareness, and network defense and countermeasures, among others.

Employees can earn certifications like Certified Ethical Hacker from the EC-Council, CompTIA's Security+ Certification, Certified Information Systems Security Professional and the Security Certified Network Professional.

"We feel very strongly about security," said Adda. "One major, unrecoverable security breach could be all it takes to bring a business to its knees and damage its reputation irreparably."
