Security Business

MAR 2019

Find news and information for the executive corporate security director, CSO, facility manager and assets protection manager on issues of policy, products, incidents, risk management, threat assessments and preparedness.

Issue link: https://sdi.epubxp.com/i/1095589

Contents of this Issue

Navigation

Page 33 of 109

32 Security Business / www.SecurityInfoWatch.com / March 2019 the changing players involved in the decision-making process. In years past, we saw security directors and facility managers playing the largest role in deciding what technology was purchased – now, we see more influ- ence from IT leaders, who are deeply involved in conducting product review and budget oversight. Given that the majority of tech- nology devices now communicate on their network, it makes sense for IT to have a substantial seat at the deci- sion-making table. Cybersecurity Changes the Landscape It seems that not a day passes without a new data breach or cybersecurity incident announced by news outlets. Open a social app, attend an industry event or read a trade magazine and the topic of cybersecurity is front- and-center. Unfortunately, it is not all hype – cyber incidents are happening, and when they do, it is oen devas- tating to an organization. e average financial impact of a data breach starts at $117,000 for a small business and $3.86 million for large enterprises. e need for the security integra- tion industry to step up its cyberse- curity posture is now more important than ever. Incidents happen regu- larly, including business email com- promises, ransomware attacks and breaches of customer information. e majority of these incidents are not made public, but they are happening to organizations large and small. As the cybersecurity landscape shis, your relationship with current customers is evolving. You are going to witness a change as many end-user organizations recognize that their ven- dors are a potential cyber-threat. One of those vendors is the security integrator, and a very unique one at that. Not only do security integrators have access to IT rooms and clos- ets for wiring and installation, they also deploy hardware and soware solutions that ride on the corporate network and store very sensitive cus- tomer data in their systems. at data may include floor plans to buildings, system design with device locations, network schematics, IP and MAC addresses, and device passwords. Internal Hygiene End-user organizations are taking steps to protect themselves against these threats, and it is impacting secu- rity integrators across North Amer- ica. Not only are end-users begin- ning to ask their providers about how they are cyber-hardening the systems they deploy, but they are increas- ingly employing third-party vendor assessments – designed to identify if a provider has the appropriate cyberse- curity posture to protect the end-user customer's data. Questions that security integrators will need to answer oen include: • Do you have an incident response plan in place in case of a breach? • How oen do you complete cybersecurity assessments of your internal systems? • Are you performing network pen- etration testing and vulnerability scanning of your systems regularly? • Are your non-IT personnel being trained on cybersecurity? • Do you utilize encryption solutions when storing data? • Do you have cyber insurance in place, and what exactly does that cyber insurance cover? Aer receiving these assessment questionnaires, integrators are oen caught off guard, without the correct cybersecurity in place at the time of request. More important, the way they answer these questions is oen the dif- ference between winning or losing a customer or significant project. e balance here is an opportunity to position your organization in a pos- itive light. If your internal cybersecu- rity hygiene is strong, you can use it as a proactive sales tool that meets the assessment needs, earns trust with the IT decision maker and separates your company from the competition. Graduating to Cybersecurity Services Once an integrator has a handle on its own cyber-hygiene, why not provide cybersecurity as part of a total offer- ing? Today, security integrators have a seat at the table with IT decision-mak- ers who are looking for assistance with cybersecurity. is especially holds true for smaller organizations whose IT teams are overwhelmed with sup- porting existing systems and infra- structures; yet, they are beginning to feel pressure to find and implement cybersecurity solutions as well. Along with the development of a larger range of IT services, several security integrators are adding cyber- security to their solution offering. Some of this is occurring through acquisitions – we have recently seen some of the largest security companies Emerging Services Along with the development of a larger range of IT services, several security integrators are now including both traditional security solutions, such as cameras and access control, as well as a portfolio of managed cybersecurity products and services.

Articles in this issue

Links on this page

Archives of this issue

view archives of Security Business - MAR 2019