header image

Challenging Insecurity: A Roadmap to Cyber Confidence

Jamie Smith 12 January 2021
12 January 2021    Jamie Smith

Investing in Cyber Resilience: Spend, Strategy, and the Search for Value

Today's fast-changing threat landscape puts increased pressure on companies to make the right investment choices and improve their cyber resilience. For this report, S-RM surveyed 600 senior leaders and IT decision makers to discover which cyber investment areas provide the best value for money and what savings result from investing in cyber security.

Download Report

Are you confident that you understand your company’s cyber security posture?

This past year has reinforced the challenge of confidently predicting the future. What we know for sure, however, is that the future for senior leadership and their information security teams will feature difficult conversations about the state of their cyber security

 

Because these cyber security discussions can be complex, it may be difficult for stakeholders to feel confident in their decisions. Indeed, a recent survey of US and UK cyber security professionals found that 70% lacked confidence in their organisation’s security posture

 

However, senior leadership teams make challenging decisions all the time. There is no reason why they shouldn’t have the same comfort discussing their cyber security posture as they do other core elements of their business. So, what's driving their insecurity?

Ask someone what “cyber threat intelligence” is and they will probably point you in the direction of a shiny piece of software that costs a lot of money. Ask them what it does, and they’ll likely tell you that it searches the dark web, provides real time threat information, and helps prevent incidents before they happen. It all sounds really impressive – and in many ways it is – but, ask that same person what they are trying to achieve with their threat intelligence programme, or even how they measure its success, and the crickets will start to chirp.

This would not be their fault. The landscape of cyber threat intelligence is confused right now, and it is exceedingly difficult to cut through the noise and work out how to add value to your cyber security initiatives. Part of the reason for this, is that the industry seems to have prioritised selling flashy subscriptions over helping organisations identify and understand their intelligence objectives. 

 

Ask someone what “cyber threat intelligence” is and they will probably point you in the direction of a shiny piece of software that costs a lot of money. Ask them what it does, and they’ll likely tell you that it searches the dark web, provides real time threat information, and helps prevent incidents before they happen. It all sounds really impressive – and in many ways it is – but, ask that same person what they are trying to achieve with their threat intelligence programme, or even how they measure its success, and the crickets will start to chirp.

This would not be their fault. The landscape of cyber threat intelligence is confused right now, and it is exceedingly difficult to cut through the noise and work out how to add value to your cyber security initiatives. Part of the reason for this, is that the industry seems to have prioritised selling flashy subscriptions over helping organisations identify and understand their intelligence objectives. 

 

 

 

S-RM is a global risk consultancy providing intelligence, resilience and response solutions to clients worldwide. To discuss this article or other industry developments, please reach out to one of our experts.

CYBER SECURITY INSIGHTS REPORT 2022

We reveal the challenges faced by C-suite professionals and senior IT leaders across three key areas of cyber security – budgets, incidents and insurance.

Download Report