#CIOYearAhead: Rush to manage enterprise security


In the wake of major high-profile incidence in 2017, worldwide enterprise spending on security is poised to rise by eight percent next year, according to Gartner, Inc.

In the research firm’s latest report, titled “Forecast: Information Security, Worldwide, 2015-2021, 3Q17 Update,” Gartner found that security spending for 2018 looks to total $96.3 billion.

According to the report, budgets towards security services will be both the bulk of spending and will see the largest increase, year over year, with an estimated $57.7 billion — up from 2017’s $53.0 billion. Spending in identity access management, infrastructure protection, network security equipment and consumer security software will also be increased over the next 12 months.

The Gartner report also found that security spending increases should continue over the next few years, with more than 60 percent of enterprises investing in data loss prevention, protection and encryption tools. This will be an increase over the current 35 percent of organizations spending on multiple tools today.

But can enterprises stay safe in the Cyberspace? According to Karien Bornheim, CEO and Founder FABS, enterprises cannot stay fully safe from attacks, but they can adopt ways that can help them manage their security steps.

Here are the seven steps:

Roadmap– List current status for personal data, including policies, procedures, systems, and controls in place. Identify process opportunities, next steps and timing for deliverables.

Gap Analysis– Based on current status, identify areas for improvement and formal action plans to address those.

Discover—identify what personal data you have and where it resides. You can only protect and manage data when the data is identified.

Manage— execute on data subject requests, manage how personal data is used and accessed. Make sure that data is only used for the purposes it was intended for and accessible only to those with a need to access it.

Protect—establish security controls to prevent, detect, and respond to vulnerabilities and data breaches. Knowing when and if a breach occurs, can help you keep the data protection authority informed.

Report—report data breaches, and keep required documentation. Proving you are governing data in the right way and successfully handling data subject requests is the core of compliance.

And finally, Automate – Here, she touched on three key areas where entreprises can automate their data, Data Classification, Data Loss Prevention and Security Operations Centre

Do you have a story that you think would interest our readers?
Write to us editorial@cio.co.ke


Please enter your comment!
Please enter your name here
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.