SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
Story image
Watchguard’s playbook for security professionals
Wed, 8th Apr 2015
FYI, this story is more than a year old

“There's a running joke in IT about the secret to getting the network security budgets they need: wait for a breach,” so says security solutions provider Watchguard Technologies.

Naturally, that's the most costly way for companies to address network security, because it's too late.

According to Pricewaterhouse Coopers, 48 million cyber security incidents were reported in 2014, with the worst incident costing more than a billion dollars in losses.

To help IT professionals better present a case to the C-suite, WatchGuard Technologies has released a new eBook: How to Sell Infosec to the C-Suite: A Playbook to Build Your Case and Get your Budget.

The 7-step guide offers security professionals a ‘playbook' offering several security tips including: how to properly evaluate your company's security position; best practices for scanning and identifying possible network weaknesses; and guidelines for successfully presenting your business case for resolution to the C-Suite.    “Hackers know companies are vulnerable because they struggle with the perceived cost and complexity of properly securing their networks,” says Richard Barber, chief financial officer at WatchGuard.

“Companies can no longer afford to wait for a breach to ensure their networks are prepared to face today's cyber criminals,” he says. “Our new guide helps organisations walk through the process of evaluating their security stance, putting these risks into business impact terms, and guiding them on how to successfully get buyoff from executives or business unit heads.”    Barber offers some key tips that need to be considered when presenting to the C-suite:

·       Understand the executive's level of technical proficiency

·       Understand the organisation's competing priorities

·       Frame the discussion around organisational impact

·       Provide a list of potential outcomes with an indication of probability and organisational impact page.