Commercial Opportunities To Be Found In Security Problems

YouTube: Malcolm Marshal KPMG 

Malcolm Marshall, KPMG's global lead on information protection and business resilience, told the Economist CIO Forum in London yesterday that, “there are opportunities in a high risk world, not just to protect revenues but to create value”.

He said that information security issues are taking on a higher profile in the boardroom of many companies, and according to a study last year by the Department for Business, Innovation and Skills, the boards of 70 percent of companies in the FTSE 250 believed cyber-threats will get worse. This is giving CISOs/CIOs more influence in the boardroom, and can help them make the case for investments in cyber-security.

But they can also use the opportunity to extend their influence by identifying how improvements in the area can increase profitability. This includes identifying how better security can provide savings in operations, especially if it involves securely moving more applications to cloud systems.

In addition, raising the profile of data security with customers can be used as a selling point as it convinces them the company takes it seriously. This can be taken a step further if it involves providing more transparency over how their personal data is used, and could provide more scope for data sharing with other parties to develop new differentiated services.

The opportunities are likely to come from security and commercial teams working closely together to identify where cyber-threats are most likely to affect revenues and concentrate on finding solutions. “I believe that if you have very strong security teams, combining technology and business, and you're intellectually strong you have the opportunity to save money and create revenue,” Marshall said.

In a panel discussion the argument was taken up by Gary Cheetham, chief information security and data protection officer for NFU Mutual, which offers financial services to farmers. He cited the way credit card providers conform to the PCI Data Security Standard to secure customer information and highlight this in their marketing literature.

Marshall acknowledged to SCMagazineUK.com, however, that there are major challenges involved, and that the timescale will depend on the conditions in specific industries. He suggested it will take at least five years for many companies to identify and begin to exploit the revenue opportunities, but said that some manufacturers of medical devices are already making progress, seeing the commercial potential in convincing customers that they can keep patient data secure.

There will also be massive opportunities in using data via the Internet of things if companies can convince people it will be kept secure, he said. “If you can solve the big problems around security you can unleash vast amounts of valuable data,” he concluded.

SC Magazine: http://bit.ly/1NfDurI

« Fighting Cybercrime Can Be Turned Into A Commercial Opportunity
2016 Cyber Threat - Use To Advantage »

Directory of Suppliers

HighQ

HighQ

HighQ provides cloud-based enterprise collaboration and secure file sharing tools to leading organisations around the world.

Cyber Security Research Alliance (CSRA)

Cyber Security Research Alliance (CSRA)

A non-profit consortium founded by industry stakeholders as a forum to develop R&D strategy to address challenges in cyber security

SonicWall

SonicWall

SonicWall provide products for network security, access security, email security & encryption.

Tiro Security

Tiro Security

Tiro Security is a boutique company specializing in information security and IT audit recruitment and solutions.

iLand

iLand

iland is an award-winning enterprise cloud infrastructure provider offering Secure Enterprise Cloud Services and Disaster Recovery as a Service (DRaaS).

WISER

WISER

WISER delivers a cyber-risk management framework able to assess, monitor and mitigate the risks in real time, in multiple industries.

ComCode

ComCode

ComCode provides consulting services and solutions in the area of digitization and cyber security for mid-sized and big businesses.

Cybercrowd

Cybercrowd

Cybercrowd is a cyber security specialist offering technical services, cyber security assessments, guidance and security thought leadership.

PerimeterX

PerimeterX

PerimeterX is a provider of scalable, behavior-based threat protection technology for the web, cloud and mobile.

Honeynet Project

Honeynet Project

The Honeynet Project is a leading international non-profit security research organization, dedicated to investigating the latest attacks and developing open source security tools.

SAASPASS

SAASPASS

SAASPASS is a full-stack identity and access management solution, a single product which allows you to manage all your digital and physical access needs securely and conveniently.

Secure Channels

Secure Channels

Secure Channels products offer advanced access control, adaptable encryption, data protection, enterprise confidentiality solutions and proximity-based monitoring and intelligence capabilities.

Open Information Security Foundation (OISF)

Open Information Security Foundation (OISF)

OISF is a non-profit organization led by world-class security experts, programmers, and others dedicated to open source security technologies.

FHOOSH

FHOOSH

FHOOSH software builds on today’s encryption to secure data so it’s useless if breached, and strengthens user and key management to close encryption security loopholes.

Veristor

Veristor

Veristor are seasoned experts in IT technology, providing a full suite of design, deployment, support, and managed service offerings.