The cost of the unknown
Are risk intelligence tools the best money your IT department has ever spent?
No-one likes uncertainty. It makes it hard to plan and to forge a way forward where you know what will happen, why and when.
In the corporate world especially the SMB space uncertainty can sap appetite for taking risk and growing the business, stunting innovation and limiting market opportunities. Technology offers a way forward, a way of empowering even the smallest of business to think big and act big in ways that belie their actual stature.
"The importance of technology and the IT professionals who support it is a well-known fact of business success," said Joseph Kim, senior vice president and chief technology officer, SolarWinds.
"We want to draw attention to the mounting responsibility being placed on IT professionals to manage an ever-expanding array of technologies - both those owned by businesses and those beyond, such as end user-owned devices and cloud applications provided by third-party vendors. Our surveys reveal that more than ever, end users are connecting more devices, including those personally-owned, to corporate networks; relying on cloud-based applications; and working outside the four walls of traditional offices. These are all trends that take direct control out of the hands of IT departments, yet as the surveys also demonstrate, the demands on IT professionals to support and ensure the performance of related technologies are just as high."
However, getting investment of any kind, particularly when it comes to technology, can be an uphill struggle for the average business. Often, the person in charge of IT is the same person in charge of everything and anything else. And, while they may see the merits of the technology in question, they have too many other conflicting priorities so it never quite makes the grade.
But it's for these very same reasons of limited resources and conflicting priorities that SMBs really do need to sit up and listen when it comes to how technology can protect their most vital asset: information.
The security elite?
Security should not be the preserve of bigger businesses, which seemingly have limitless IT budgets, dedicated tech departments and ever-growing human resources. The right to protect your company's and your customers' data should be a given.
"The most surprising finding of the survey is just how many UK organisations are less vulnerable today than they were a year ago, and, on a related note, how many have implemented security technologies and better security training," said Mav Turner, director, business strategy, SolarWinds.
"While this is a sign the industry is trending in the right direction, it's important for IT professionals to never get too confident in their organisations' security posture, which could potentially result in overestimating one's defences. After all, the findings also illustrate how high the stakes arewhile less than one-third of UK organisations experienced a security breach in 2015, of those, 77% store potentially sensitive customer data."
However, while levels of preparedness have increased, so too has the number of threats. Furthermore, we don't live in a perfect world and those trying to make money out of customer data or just cause problems because they can do not target you because you are small. You are just another target a faceless, but named, line on a spreadsheet somewhere out in cyber space.
So don't get mad, don't get offended and don't even think about trying to get even. Instead come to terms with the fact that no matter what the size of your business, the bad guys are a big threat. And it's not a case of if you're attacked; it's a case of when.
Now we have got those hard truths out of the way, it's time to forge a path of sense for your business moving forward. Security is not your business and you have no idea the size, scale or timing of the various attack vectors out there on the horizon. So what should you do?
Risk intelligence
This is where risk intelligence comes in. Put simply, risk intelligence gives you an accurate picture of the lay of the land. It can give you an idea of your vulnerabilities in terms of both data at rest and data at risk. It creates a dossier on your business exposure and what you stand to lose if certain areas of your infrastructure get hit. It paints a worst case, but very realistic scenario. And that scenario enables you to see the damage in pounds and pence. And having cold, hard minus figures are often enough to get even the most hardened of finance chiefs to part with their money.
Sophisticated risk intelligence tools essentially put a price on your data weak points, so you can make informed decisions about where to prioritise your security resources. But that's not the only element of risk intelligence. It will also proactively scan your infrastructure in recognition your data estate is ever-changing as are the threats look for trends and provide easy to consume and digest reports so you can share the new-found insight with other key business stakeholders and decision makers.
Furthermore, risk intelligence can assist with compliance confidence and identify areas where you may have already been breached, either through user error or through malintent so that you can choose whether or not you would have acted differently had you known and, of so desired, change your future plans for those areas.
"IT is pervasive across work, life and geography. IT runs the world and, without it, our technological existence would come to a screeching halt," said Joel Dolisy, former SolarWinds CIO.
"BYOD and now the IoT have added and continue to add hundreds of thousands of new devices to corporate systems, and as illustrated in this year's report, IT is also evolving from traditional on-premises-only infrastructure to the hybrid strategy driven by the existence of the cloud. In short, IT is everywhere. Effectively managing and monitoring the new environment - from on-premises to the cloud with multiplying endpoints - to be able to act when needed is more critical now than ever."
Want to know more about data protection? Click here to download a whitepaper.
"This is an independent article written by IT Pro, sponsored by SolarWinds MSP to celebrate thought leadership in IT. Learn more about SolarWinds' MSP Risk intelligence and enjoy a free 14 day trial by clicking here ."
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2024.
Maggie has been a journalist since 1999, starting her career as an editorial assistant on then-weekly magazine Computing, before working her way up to senior reporter level. In 2006, just weeks before ITPro was launched, Maggie joined Dennis Publishing as a reporter. Having worked her way up to editor of ITPro, she was appointed group editor of CloudPro and ITPro in April 2012. She became the editorial director and took responsibility for ChannelPro, in 2016.
Her areas of particular interest, aside from cloud, include management and C-level issues, the business value of technology, green and environmental issues and careers to name but a few.