by Ross Dyer
One of the things you’ll hear some CISOs grumble about from time to time is how tricky it can be sometimes persuading the business to release more funds. The skill of the good security chief, of course, is in translating highly technical concepts into a language the board will understand. But even so, it can be a tough sell when the end result of thousands of pounds of investment is … precisely nothing. With cyber security you’re effectively buying insurance against a damaging breach.
So it was interesting last week to see Sony declare that it spent a whopping $15 million on investigation and remediation after major cyber attack last year. It gives just a small insight into the potential financial impact of failing to adequately ‘insure’ your organisation against attack. Continue reading