To earn or to serve?
Posted: Sat Feb 08, 2025 10:29 am
It is time, our experts believe, to move from patching holes to a systemic approach to ensuring information security. At the same time, it is necessary to take into account that work processes in different departments of the same company can differ significantly from each other and it is necessary to develop their own scenarios for the implementation of threats for each group of processes, respond to them taking into account the business goals of stakeholders, communications with partners, the specifics of the IT used, these processes themselves and the objects of the environment for processing protected information.
What task should the information security indonesia mobile database perform - to generate direct income, as the company's direct business, or to serve the main business, as, for example, is typical for the accounting or HR department?
Fortinet's Head of Systems Engineers, Alexey Andryashin, suggests treating information security as a critical business process that is directly related to virtually all areas of the company's activities and on which the success of achieving its main mission directly depends.
Anton Svintsitsky, Director of Consulting at DialogueNauka, has a less radical opinion on the role of information security. He sees the goal of a corporate information security service and information security management as allowing an enterprise to earn more by reducing operating costs for eliminating the consequences of information security incidents. "If your enterprise does not engage in information security, business processes will most likely not stop immediately, but you will not have a basis for making correct and timely management decisions in the event of incidents, and their consequences may be much more severe than with an information security system," he believes.
What task should the information security indonesia mobile database perform - to generate direct income, as the company's direct business, or to serve the main business, as, for example, is typical for the accounting or HR department?
Fortinet's Head of Systems Engineers, Alexey Andryashin, suggests treating information security as a critical business process that is directly related to virtually all areas of the company's activities and on which the success of achieving its main mission directly depends.
Anton Svintsitsky, Director of Consulting at DialogueNauka, has a less radical opinion on the role of information security. He sees the goal of a corporate information security service and information security management as allowing an enterprise to earn more by reducing operating costs for eliminating the consequences of information security incidents. "If your enterprise does not engage in information security, business processes will most likely not stop immediately, but you will not have a basis for making correct and timely management decisions in the event of incidents, and their consequences may be much more severe than with an information security system," he believes.