Commercial Opportunities To Be Found In Security Problems

YouTube: Malcolm Marshal KPMG 

Malcolm Marshall, KPMG's global lead on information protection and business resilience, told the Economist CIO Forum in London yesterday that, “there are opportunities in a high risk world, not just to protect revenues but to create value”.

He said that information security issues are taking on a higher profile in the boardroom of many companies, and according to a study last year by the Department for Business, Innovation and Skills, the boards of 70 percent of companies in the FTSE 250 believed cyber-threats will get worse. This is giving CISOs/CIOs more influence in the boardroom, and can help them make the case for investments in cyber-security.

But they can also use the opportunity to extend their influence by identifying how improvements in the area can increase profitability. This includes identifying how better security can provide savings in operations, especially if it involves securely moving more applications to cloud systems.

In addition, raising the profile of data security with customers can be used as a selling point as it convinces them the company takes it seriously. This can be taken a step further if it involves providing more transparency over how their personal data is used, and could provide more scope for data sharing with other parties to develop new differentiated services.

The opportunities are likely to come from security and commercial teams working closely together to identify where cyber-threats are most likely to affect revenues and concentrate on finding solutions. “I believe that if you have very strong security teams, combining technology and business, and you're intellectually strong you have the opportunity to save money and create revenue,” Marshall said.

In a panel discussion the argument was taken up by Gary Cheetham, chief information security and data protection officer for NFU Mutual, which offers financial services to farmers. He cited the way credit card providers conform to the PCI Data Security Standard to secure customer information and highlight this in their marketing literature.

Marshall acknowledged to SCMagazineUK.com, however, that there are major challenges involved, and that the timescale will depend on the conditions in specific industries. He suggested it will take at least five years for many companies to identify and begin to exploit the revenue opportunities, but said that some manufacturers of medical devices are already making progress, seeing the commercial potential in convincing customers that they can keep patient data secure.

There will also be massive opportunities in using data via the Internet of things if companies can convince people it will be kept secure, he said. “If you can solve the big problems around security you can unleash vast amounts of valuable data,” he concluded.

SC Magazine: http://bit.ly/1NfDurI

« Fighting Cybercrime Can Be Turned Into A Commercial Opportunity
2016 Cyber Threat - Use To Advantage »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Internet Storm Center (ISC)

Internet Storm Center (ISC)

ISC provides a free analysis and warning service to thousands of Internet users and organizations, and is actively working with ISPs to fight back against the most malicious attackers.

Delta Risk

Delta Risk

Delta Risk is a global provider of managed security services and cyber security risk management solutions to government and private sector clients.

Woz U

Woz U

Woz U provides best-in-class technology training for Learners, Higher-Ed and Corporations. We focus on the most in-demand occupations such as Software Development, Data Science and Cyber Security.

Bl4ckswan

Bl4ckswan

Bl4ckswan is a Management Consulting firm specialized in the delivery of information security and compliance services.

AU10TIX

AU10TIX

AU10TIX’s smart forensic-level ID authentication technology links physical and digital identities, meets compliance mandates, and ensures your customers know their trust and safety come first.

NSA Career Development Programs

NSA Career Development Programs

NSA offers entry-level programs to help employees enhance their skills, improve their understanding of a specific discipline and even cross-train into a new career field.

GELLIFY

GELLIFY

GELLIFY is the first innovation platform dedicated to the high-tech B2B market, supporting start-ups and companies.

Brookcourt Solutions

Brookcourt Solutions

Brookcourt Solutions delivers cyber security, network monitoring technologies and managed security services to help secure and protect your organisation’s critical infrastructure.

Triaxiom Security

Triaxiom Security

Triaxiom Security offers penetration testing, security audits, and strategic consulting customized to meet your needs.

Information Technology Solutions (ITS)

Information Technology Solutions (ITS)

Information Technology Solutions is a single source provider for managing and securing mission-critical IT services.

CypherEye

CypherEye

CypherEye is a next generation trust platform that advances the current state of Multi-factor Authentication (MFA) to enable highly secure, private and auditable cyber-transactions.

SequelNet

SequelNet

SequelNet is an emerging MSP, providing 360° business IT solutions and consulting services.

Roberts & Obradovic Law

Roberts & Obradovic Law

Roberts & Obradovic Law Group is a corporate, privacy, employment and litigation law firm.

Cyber and Fraud Centre – Scotland

Cyber and Fraud Centre – Scotland

The Cyber and Fraud Centre – Scotland exists to ensure Scottish organisations are as resilient as they can be against cyber and fraud crime.

Logiq Consulting

Logiq Consulting

Logiq Consulting provide a full range of Cyber Security, Information Assurance and System Engineering services.

HanaByte

HanaByte

HanaByte is a security consultancy focused on delivering state of the art solutions in the cloud. We specialize in delivering cloud services with an emphasis on security.