Commercial Opportunities To Be Found In Security Problems

YouTube: Malcolm Marshal KPMG 

Malcolm Marshall, KPMG's global lead on information protection and business resilience, told the Economist CIO Forum in London yesterday that, “there are opportunities in a high risk world, not just to protect revenues but to create value”.

He said that information security issues are taking on a higher profile in the boardroom of many companies, and according to a study last year by the Department for Business, Innovation and Skills, the boards of 70 percent of companies in the FTSE 250 believed cyber-threats will get worse. This is giving CISOs/CIOs more influence in the boardroom, and can help them make the case for investments in cyber-security.

But they can also use the opportunity to extend their influence by identifying how improvements in the area can increase profitability. This includes identifying how better security can provide savings in operations, especially if it involves securely moving more applications to cloud systems.

In addition, raising the profile of data security with customers can be used as a selling point as it convinces them the company takes it seriously. This can be taken a step further if it involves providing more transparency over how their personal data is used, and could provide more scope for data sharing with other parties to develop new differentiated services.

The opportunities are likely to come from security and commercial teams working closely together to identify where cyber-threats are most likely to affect revenues and concentrate on finding solutions. “I believe that if you have very strong security teams, combining technology and business, and you're intellectually strong you have the opportunity to save money and create revenue,” Marshall said.

In a panel discussion the argument was taken up by Gary Cheetham, chief information security and data protection officer for NFU Mutual, which offers financial services to farmers. He cited the way credit card providers conform to the PCI Data Security Standard to secure customer information and highlight this in their marketing literature.

Marshall acknowledged to SCMagazineUK.com, however, that there are major challenges involved, and that the timescale will depend on the conditions in specific industries. He suggested it will take at least five years for many companies to identify and begin to exploit the revenue opportunities, but said that some manufacturers of medical devices are already making progress, seeing the commercial potential in convincing customers that they can keep patient data secure.

There will also be massive opportunities in using data via the Internet of things if companies can convince people it will be kept secure, he said. “If you can solve the big problems around security you can unleash vast amounts of valuable data,” he concluded.

SC Magazine: http://bit.ly/1NfDurI

« Fighting Cybercrime Can Be Turned Into A Commercial Opportunity
2016 Cyber Threat - Use To Advantage »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Centre for International Governance Innovation (CIGI)

Centre for International Governance Innovation (CIGI)

CIGI research areas include Conflict Management & Security which encompass cyber security and cyber warfare.

Magic Software Enterprises

Magic Software Enterprises

Magic provide Mobile Device Management (MDM) for Secure Enterprise Mobility. Magic MDM overcomes the challenges of mobile device management security by protecting all of your devices, data and content

Atempo

Atempo

Atempo is a leading independent European-based software vendor with a global presence. We provide solutions to protect, store, move and recover all your data.

SKKU Security Lab (seclab)

SKKU Security Lab (seclab)

SKKU Security Lab supports research and education in information security engineering. The lab is a part of the College of Software, Sungkyunkwan University.

Trustless Computing Association (TCA)

Trustless Computing Association (TCA)

TCA is is a non-profit organization promoting the creation and wide availability of IT and AI technologies that are radically more secure and accountable than today’s state of the art.

Valire Software

Valire Software

Valire provide a solution for the automated detection of internal fraud.

Careerjet

Careerjet

Careerjet is a leading online job search engine with a large presence worldwide, sourcing millions of job ads from thousands of websites from all over the world in areas including Cybersecurity.

spiderSilk

spiderSilk

spiderSilk is a Dubai-based cybersecurity firm, specializing in simulating the most advanced cyber offenses on your technology so you can build your best security defenses.

UMBRA

UMBRA

UMBRA is solely concerned with protecting governments against Nation State attacks. We are not a consumer or enterprise company.

Elisity

Elisity

Elisity Cognitive Trust is a new security paradigm that combines Zero Trust Network Access and an AI-enabled Software Defined Perimeter.

Emtec

Emtec

Emtec’s cyber security team provides advisory, assessment, & managed security services that help you build the cyber security policies, toolsets & best practices to elevate your cyber security posture

SecurEnvoy

SecurEnvoy

SecurEnvoy are a leader in designing zero access trust solutions using the latest cutting-edge technologies, to protect your users, devices and data, whatever the location.

IS4IT Kritis

IS4IT Kritis

IS4IT is your partner for the successful planning, introduction and implementation of company-specific information security concepts.

EmberOT

EmberOT

EmberOT is at the forefront of operational technology (OT) security, offering cutting-edge solutions designed to protect critical infrastructure within energy, utilities, and manufacturing sectors.

Sword Group

Sword Group

Sword is a leader in data insights, digital transformation and technology services with a substantial reputation in complex IT, business projects and mission critical operations.

Cylerian

Cylerian

Cylerian is a Next Generation SaaS Security Platform - One unified cloud platform to achieve your security, compliance, and operational objectives.