IS Decisions logo

IS Decisions Blog

Why management should care more about IT securty

Here's why the C-suite should care more about IT security (especially the insider threat).

Published June 19, 2017
Improve Active Directory security with SSO and MFA

IT security is often in danger of being one of those things that only the IT department cares about — often seen by the C-suite as simply a cost to the business that doesn't add to revenue streams.

Concerning internal security, for example, more than half of IT professionals believe that their senior management does not take enough responsibility for employee training, security policies or technology implementations to mitigate the insider threat.

The threat that employees pose is one of the most potentially dangerous to a business. It doesn't matter how good your network perimeter defenses, firewalls, antivirus software and threat-detection software are; if your employees fall for phishing scams, share passwords or still have access to company files once they've left, you're wide open to attack.

Which isn't to say that insider threat is not addressable, or that protecting company data is the only reason internal security is important. Here we explain why C-level executives should care more about IT security and, in particular, the insider threat.

IT security goes beyond keeping your company safe

Why C-level executives should care more about IT security.

Close the deal

IT security can help you close deals.
An anonymous IT pro once confided in IS Decisions that his company was able to secure a major deal worth £300k because the company's security was tighter than the competition's. That deal could've gone a long way to paying for the company's IT security, and then some.

Build trust with customers

IT security can help you build trust with your customers.
Consumers are taking internal security more seriously these days — something that's worrying IT pros. Eighty percent of IT professionals in IS Decisions' research believe that perception of security processes has a big part to play in a customer's decision on what companies they choose to do business with.

Remain competitive

IT security can help you remain competitive.
Over two-thirds of U.S. IT professionals (77 percent) who are without an insider threat program plan to launch one this year, while 56 percent have one already. If you don't put one in place, you risk having weaker defenses than your competitors, something that can be held against you when pitching for that next big contract.

Mitigate potential breaches

IT security can help you mitigate against the smallest of events that lead to severe breaches. Attacks on Sony, Anthem, eBay, Target and other high-profile breaches in 2014 came as a result of an employee 'slip up' like sharing a password. The source of Sony's high-profile breach was said to have been ex-employees who had continued to have access to the company's network. The smallest things can lead to the severest of data breaches.

Improve business relationships

IT security can help you improve relations with your partners and supply chain.
You're not always the only one affected when a breach happens — your partners' and supply chain's data can also be compromised in an attack. With better internal security, you can keep your partner network intact and maintain relations, and this works both ways — make sure the partners you choose are reliable and secure.