Cyber Security Institute

§ Current Worries

Top 3 Worries

  • Regulations
  • Old Firewall Configurations
  • Security Awareness

§ Listening

For the best information

  • The underground
  • Audible
  • Executive Excellence
  • Music (to keep me sane)

§ Watching

For early warnings

  • 150 Security Websites
  • AP Newsfeeds
  • Vendors

Monday, July 22, 2013

Cyber threat well understood but organisations lack ‘intelligence’ to deal with it

Businesses across the UK may be more aware of cyber security threats, but they still have a long way to go to balance the cyber crime odds back in their favour. A report released by KPMG suggests that by learning from the intelligence approach adopted in the fight against terrorism, organisations can improve their safety-net and meet the ever-changing challenges of cyber attacks. KPMG’s Data Loss barometer, for example, shows that the hacking of information held by businesses has jumped globally from only 8% of total incidents in 2010 to a shocking 52% in 2012.


Malcolm Marshall, KPMG partner and head of the firm’s Information Protection & Business Resilience team, said: “Increased awareness of cyber security threats is a positive trend, but indications are that organisations now need to focus on putting into place the fundamentals of intelligence management to gain real value from what they know. These revolve around creating an intelligence-led mindset within organisations, implementing an operating model similar to those employed by the intelligence community and building a decision-making process which is centred on a tightly controlled “information gathering programme”.


“Cyber threat: intelligence and lessons from law enforcement” argues that an intelligence-led mindset establishes a direct connection between the threats and vulnerabilities organisations face and the consequences of their compliance or inaction.


The report also goes on to argue that to embed intelligence-led decision-making, business leaders should follow the example set by law enforcement agencies. For example, rather than simply collating data, KPMG’s report urges organisations to set parameters for the type of information being gathered, so that haphazard approaches to analysis and actions can be avoided.



Link: http://www.investortoday.co.uk/news_features/cyber-threat-well-understood-but-organisations-lack-E28098intelligenceE28099-to-deal-with-it

Posted on 07/22
NewsPermalink