As a company with a reputation for building mission-critical IT systems for the defence and aerospace industries, Thales has an understandable interest in IT security spending.
Which is why I was surprised to find myself reading a report (http://www.thalescyberassurance.com/white-papers.htm) commissioned by the company which suggested businesses may be spending too much on IT security by over-protecting non-sensitive data.
Depending upon your company's appetite for risk" she explains "no data is ever considered as non-sensitive.
Ross Parsell, director of cyber strategy at Thales UK, warns that, while the volume and scale of cyber-attacks show no signs of slowing down, there is a danger that resources are sometimes assigned to areas that do not need them.
This idea that IT departments might be spending too much on the wrong things got me thinking: could the average enterprise do better, and be more secure, while spending less?
Paying out
A great deal of the overspend argument depends on what organisations class as 'non-sensitive data', explains Logica's business consulting cyber security lead, Cheryl Martin.
"[In certain companies] No data is ever considered non-sensitive," says Martin. "Cyber criminals earn their keep from obtaining and reselling the most innocuous piece of information which, with careful company grooming, could be used to pull together an in-depth view of the targeted organisation and individuals".
-
Red Hat is giving developers free access to RHEL – here’s what you need to knowNews Red Hat Enterprise Linux for Business Developers aims to help development teams build, test, and deploy applications more efficiently – and at no extra cost.
-
Beelink SEi13 Pro reviewBeelink's latest mini PC pitches speakers, microphones, a DisplayPort video output, and fast RAM to separate it from the herd
-
Scania admits leak of data after extortion attemptNews Hacker stole 34,000 files from a third-party managed website, trucking company says
-
Capita tells pension provider to 'assume' nearly 500,000 customers' data stolenCapita told the pension provider to “work on the assumption” that data had been stolen
-
Gumtree site code made personal data of users and sellers publicly accessibleNews Anyone could scan the website's HTML code to reveal personal information belonging to users of the popular second-hand classified adverts website
-
Pizza chain exposed 100,000 employees' Social Security numbersNews Former and current staff at California Pizza Kitchen potentially burned by hackers
-
83% of critical infrastructure companies have experienced breaches in the last three yearsNews Survey finds security practices are weak if not non-existent in critical firms
-
Identity Automation launches credential breach monitoring serviceNews New monitoring solution adds to the firm’s flagship RapidIdentity platform
-
Neiman Marcus data breach hits 4.6 million customersNews The breach took place last year, but details have only now come to light
-
Indiana notifies 750,000 after COVID-19 tracing data accessedNews The state is following up to ensure no information was transferred to bad actors
