• News
  • Security
  • Products
  • About Seqrite
Seqrite Blog Blog
  • News
  • Security
  • Products
  • About Seqrite
Home  /  Security  /  Aligning Cybersecurity with Business Objectives
Cyber security with Business Objectives
10 June 2017

Aligning Cybersecurity with Business Objectives

Written by Seqrite
Seqrite
Security
Estimated reading time: 3 minutes

A report by Center for Strategic and International Studies revealed that there are three levels of misaligned incentives that work against cyber security in organizations:

  • The corporate structure of organizations vs free flow of criminal enterprises: The incentives of attackers are shaped by decentralized, fluid market, while rigid bureaucracy constrains the defending corporations and top-down decision-making systems.
  • Misaligned strategy and implementation: More than 90% organizations have a security plan in place. However, not even half of these organizations have implemented these policies.
  • Senior executives vs those in implementation roles: The parameters by which the top executives who design the strategy and measure success are different than those of the team that implements the cyber security.

What can companies do?

There’s no one size fits all solution out there for aligning cybersecurity into strategic execution; no single solution that will work for all enterprises. Different techniques are suited to various organizations based on their culture and environment. However, on a broad level, few of the important organizational areas that are important to attain business alignment for cyber security are:

Culture:  Developing a culture, across the organization, to imbibe secure practices into daily routine tasks, is probably the best solution to achieve security objectives. Management may define security policies, but if all do not follow them, it fails the purpose. If everyone from top to bottom, supports them as a part of daily routine without compromise, even if it costs little higher to the company, it has the best chance of success. Managers, users, IT professionals and everyone else should be able to make a wise and policy based decision when it comes to information risk.

Planning: The strategic and tactical planning of the security across the organization provides best opportunity to align individual security projects to business requirements. It is best to leverage enterprise architecture principles in the planning of security processes.  Building cyber security right into enterprise architecture also gives it the best chance to be adopted and followed for every project.

Processes:  Implementing industry standard systems such as Information Security Management Systems (ISMS) prescribed by ISO 27001, provides the ability to assess, develop and deploy security solutions as and when required by the organization.  These processes make an evaluation of organization’s security requirements a continuous process instead of a single instance of security implementation.

Communication:  The communication about incidents, resolutions, and other security related activities should be defined as service level metrics and built into service level agreements between IT organization, users and partners.

Competencies:  Cyber security experts are expected to have technical skills. However, to align with business, they must also have business skills such as understanding of business architecture, personal communication, marketing (of security ideas within organization at levels above, below and at par of the expert)

Technology:  It is not just about implementing the best of tools available in the market that meet your requirements. Organizations also need to set up best of the breed processes and practices related to technology. Implementation of processes based on standards such as ITIL (V3), ensure technical integration of security controls integrated with IT services.

Relationships: Alignment of any department with business depends upon the cooperation and support of decision makers and stakeholders. Security is no different. Cyber security department must maintain alignments with key people to get visibility into business and get appropriate and required resources for them to do their job.

Business Alignment of cyber security cannot be addressed with one size fits all approach. It needs time, resources and comprehensive strategy to integrate and built the security into the business practices and organization’s business model.

Seqrite helps businesses simplify IT security and maximize business performance. To know more about our products and services visit our website. 

 Previous PostCyber Security – Do Manufacturing Firms Need to Bother?
Next Post  Security Threats in Cloud Computing
Seqrite
About Seqrite

Follow us for the latest updates and insights related to security for enterprise networks. Subscribe to our newsletter to stay...

Articles by Seqrite »

Related Posts

  • Is your Router exposed to cyber threats

    Is your router exposed to cyber threats? Here is how to safeguard it.

    July 30, 2020
  • Snake ransomware stings to spread its venom in the veins of enterprise networks.

    Snake Ransomware brings impending doom to enterprise networks

    July 10, 2020
  • APT harbingers are using Honey Traps to attack Indian Defence.

    Operation ‘Honey Trap’: APT36 Targets Defence Organizations in India

    July 8, 2020

No Comments

Leave a Reply.Your email address will not be published.

Cancel reply

CAPTCHA Image
Refresh Image

Popular Posts

  • RAT used by Chinese cyberspies infiltrating Indian businesses RAT used by Chinese cyberspies infiltrating Indian businesses December 18, 2020
  • Benefits of having Intrusion Prevention/Detection System in your enterprise Benefits of having Intrusion Prevention/Detection System in your enterprise February 15, 2018
  • 5 Security measures you should take to protect your organization’s network 5 Security measures you should take to protect your organization’s network August 11, 2017

Featured Authors

  • Seqrite
    Seqrite

    Follow us for the latest updates and insights related to security for...

    Read more..
  • Viraj Talikotkar
    Viraj Talikotkar

    Viraj is a Lead Technical Writer at Quick Heal Technologies. He is always on...

    Read more..
  • Sanjay Katkar
    Sanjay Katkar

    Sanjay Katkar is the Joint Managing Director and Chief Technology Officer of...

    Read more..

Latest Posts

  • Are we prepared against risks generating from the IoT revolution?

    Are we prepared against risks generating from the IoT revolution?

    January 15, 2021
  • Proactiveness is the key to resolving hybrid cloud’s security challenges

    Proactiveness is the key to resolving hybrid cloud’s security challenges

    January 6, 2021
  • How can EdTech companies deal with rising security challenges?

    How can EdTech companies deal with rising security challenges?

    December 24, 2020

Stay Updated!

Topics

Antivirus For Linux (10) Antivirus For Server (9) BYOD (9) Cyber-attack (31) cyber-attacks (56) cyberattacks (12) Cybersecurity (274) cyber security (25) Cyber threat (29) cyber threats (44) Data (10) data breach (50) data breaches (27) data loss (28) data loss prevention (33) data protection (21) data security (13) DLP (49) Encryption (16) endpoint security (102) Enterprise security (14) EPS (9) Exploit (12) firewall (11) hackers (9) incident response plan (9) IoT (10) malware (58) malware attack (22) malware attacks (12) MDM (25) mobile device management (9) Network security (18) Patch Management (12) phishing (16) Ransomware (54) ransomware attack (29) ransomware attacks (30) ransomware protection (12) Seqrite (24) Seqrite Encryption (27) Seqrite EPS (33) Seqrite Services (16) UTM (34) Vulnerability (10)

Products

  • Endpoint Security (EPS)
  • Seqrite Encryption Manager
  • Seqrite Endpoint Security Cloud
  • Cloud Security
  • Seqrite mSuite
  • Seqrite MobiSMART
  • Unified Threat Management
  • Seqrite Secure Web Gateway
  • Antivirus for Server
  • Antivirus for Linux

Resources

  • White Papers
  • Datasheets
  • Threat Reports
  • Manuals
  • Case Studies

About Us

  • Company Overview
  • Leadership
  • Why choose SEQRITE?
  • Awards & Certifications
  • Newsroom

Archives

  • By Date
  • By Category

© 2020 Quick Heal Technologies Ltd. (Formerly Known as Quick Heal Technologies Pvt. Ltd.) Cookie Policies Privacy Policies

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website.
By browsing this website, you agree to our cookie policy.