Market Insights: cyber security with Matt Knell, Sophos – part two

Market Insights LogoIn the second part to our cyber security industry chat with Sophos’ Strategic Channel Team Senior Sales Manager, Matt Knell we discuss why it’s important for organisations to secure investment and buy-in for cyber security.

Missed part one? Read ‘Market Insights: cyber security with Matt Knell, Sophos – part one’ now.

What’s the benefit to organisations opting for a managed threat response service vs taking it on in-house?

The challenges organisations face in relation to expertise in cyber security are very well publicised. Building a managed threat response team in-house can be very expensive when you consider the cost of recruitment, salaries, and additional solutions. It can also be time consuming, and the challenge of retaining the right people for the job in a very competitive market can also put a strain on your existing resources.

Creating an in-house team can take months to setup, but outsourcing this service gives you specialist knowledge, experience, cost-savings, and people and tools to operate 24/7, plus an instant return on investment (ROI) from day one. Building a team like this in-house isn’t practical for the vast majority of organisations, so working with a leading partner in this field will save you money and make your processes more efficient and effective.   

What advice do you have for organisations with limited cyber security in place?

Understanding what you need to do to implement a strong cyber security strategy, and why, is key. I would recommend investing in expert advice, someone who can work with your entire organisation to educate on why cyber security is important. This is not just the IT team’s challenge – everyone needs to understand the risk. You can also use frameworks like NIST to help build your strategy.

Why is it important to secure budget and buy-in to support cyber security? 

You should always assume that you will be hit by an attack. Securing budget and buy-in once an attack has happened isn’t effective and the damage may already be done by then, so your best defence is to always be prepared for an attack.

Read our best practice tips to avoid a cyber security breach.

The cost of dealing with a ransomware attack has doubled in the last year and as an average, you have a one in three chance of being breached. Ask yourselves, ‘What would it cost us?’, ‘Could we recover?’, ‘What impact would it have on us and our customers and business partners?’ Hindsight is a wonderful thing, but ask any organisation that’s been through a serious breach and the advice would be the same: don’t wait and don’t assume it won’t happen to you!

When we engage post breach, it’s all about how quick we can get back up, if it can be fixed, and protecting data. Budget and costs are never a concern following a breach, so prevent against a breach now by investing in a proactive solution that saves you from the stress and the high cost of remediating post-breach.

What’s the best way to approach creating a business case for cyber security to secure budget and internal buy-in?

Understand the risk and educate everyone within the business to ensure they understand it too. If a breach happened, who would need to be informed and involved in remediating? All of these people need to be aware of threats and take responsibility for protecting and remediating against them.

It’s also important to test yourselves. Even if you have an incident response plan in place; has it been tested? Do you have the resource, expertise, tools, and processes to cope with the day to day demands and the worst-case scenario of a major breach?

Like any disaster recovery plan, a cyber breach needs to be qualified against risk. If you’re hit and your network is taken offline, what impact would this have? What is the daily cost to your business? Using the partners, frameworks, and free cyber security training resources available to you will help you to understand and build a robust business case.

Need help securing buy-in for your cyber security strategy? 

Our governance, risk, and compliance team will support you to build a business case to secure investment and organisational buy-in for your cyber security approach. Book your free, one-to-one consultation below to discuss now.

Book now

Naomi Busuttil
Naomi Busuttil

Naomi is Phoenix's Content Strategist with more than ten years' experience creating a variety of content for web, print, social media, and email marketing. With a background spanning all marketing disciplines gained notably within the housing, sustainability, and not-for-profit industries, Naomi is familiar with the challenges the public sector faces and is passionate about producing content with accessibility in mind.

See all posts by Naomi Busuttil