The problem with everyone knowing who you are

The more successful you are, the wider your reach, and, sadly, the more likely it is that the number of critics and opponents you have is going to significantly multiply. You can’t please everyone.

This is the fate of governments, of big corporations, of uber-rich sports stars and people in the public sphere. They have to contend with the tough duality of being extremely popular and visible, while also being the object of loathing.

Why? Well, haters, they are most certainly going to hate. It then comes as no surprise that the number of large organisations have been hacked into. In the last year alone, one in seven organisations of this stature has had its security breached. On average, a large organisation faces a noteworthy attack every week, whereas a small business is liable to being hit at least once a month.

You see, it’s a basic science – if no-one knows your business, if your scope is limited, your audience even smaller, you simply ‘lose yourself’ amidst the crowd. It’s not that you’re insignificant, far from it. It’s just that everything you do is on a miniature level. Thus, it’s fair to say that if and when you break into the public consciousness and widen the net, with the good times will come challenges. You’re the ‘apple of my eye’ to some and the ‘ants at a picnic’ for others.

The findings of the 2012 Information Security Breaches Survey from PricewaterhouseCoopers (PwC), the global professional services firm, confirm that a new age is upon us: “the number of large organisations being hacked into is at a record high”. The cost of this to companies in the UK now runs into the billions.

In spite of this, many organisations are still not treating this, it seems, as seriously as they should. The poll above found that 20 per cent of organisations spend less than 20 per cent of their IT budget on information security, with 12 per cent of the opinion that senior management give it a low priority.

As professionals in our industry appreciate, this has obvious consequences, something which the researchers of this study reported. Businesses that have experienced very serious incidents of hacking spend, on average, 6.5 per cent of their IT budget on security.

“The key challenge is to evaluate and communicate the business benefits from investing in security controls,” observed Chris Potter, PwC information security partner.

“Otherwise, organisations end up paying more overall. Given that most organisations take a lot of action after a breach to tighten up their security, scrimping and saving on security creates a false economy. The cost of dealing with breaches and the kneejerk responses afterwards usually outweigh the cost of prevention.”

He did accept, rather perceptively, that with security, it is difficult to measure the benefits of any system because it is doing its job and keeping threats at bay, no-one notices. It suggests, therefore, that come a board meeting, when the powers that be are discussing a return on investment, it might be difficult to measure the value of the financial investment that has gone into security measures.

But, if anything, the threat is very real and indeed, cyber crime, as Mr Potter has noted in the survey, is a rising risk to business. This is the status quo. It’s better to be proactive than reflexive, the latter a response when an attack has been achieved. These haters, they’re gonna keep on hating, c’est la vie. Rain on their parade and beef up your security.


Comments are closed.