Governance & Risk Management , IT Risk Management , Risk Assessments
How Smaller Companies Can Set Cybersecurity Priorities
Consultant Nic Miller Highlights Critical Factors to ConsiderSmall and midsize companies don’t need to spend money on expensive security products, says cybersecurity consultant Nic Miller, but they must consider several critical factors as they devise their strategies.
See Also: Identity Security and How to Reduce Risk During M&A
"Businesses right now are leaving their front doors wide open," he says. "And what we're not talking about is turning those businesses into Fort Knox. We're talking about shutting and locking the door. Opportunistic cybercrime costs businesses a huge amount of money, and it would be incredibly easy and cheap to stop the majority of that cybercrime."
In a video interview with Information Security Media Group, Miller discusses:
- How smaller organizations should assess their tolerance for risk;
- Factors to keep in mind when setting security investment priorities;
- The trade-offs when using cloud services and personal devices.
Miller is the owner and director of Aedile Consulting, a U.K.-based company specializing in cybersecurity. Previously, he was CISO for Brevan Howard, a global hedge fund, and security operations lead for IG, a financial services firm that provides a derivatives trading platform. He began his career at the UK intelligence agency GCHQ, working on cybersecurity, counter-terrorism and other issues.