Is cyber security software worth the investment? – IT Governance Blog

‘Do we really need to spend a load of money on cyber security software?’ you might ask. You have built-in antivirus, so won’t that do?

No. Cyber security is about more than preventing viruses and malware. Criminals have plenty of other tricks for breaking into your organisation, so you must purchase software to close as many gaps as possible.

Why cyber security software is so important

Over the past few years, organisations and individuals have acknowledged the severity of the threat posed by cyber crime. We tracked 557 data breaches last year alone, with organisations of all sizes coming under attack.

Meanwhile, the introduction of the GDPR (General Data Protection Regulation) has raised the stakes when it comes to effective security. Organisations that fail to secure data properly, or that violate individuals’ privacy rights, face fines of up to €20 million (about £18 million) or 4% of their annual global turnover.

If organisations are to avoid suffering data breaches, they need to protect their systems. Many people believe that refers to technological solutions – but although that’s our focus here, it’s only one way to secure your organisation.

After all, it’s no good purchasing cyber security software if no one knows how to use it or employees expose data in other ways. That’s why technology must always be complemented with security policies and staff awareness training, in what is often known as the people-processes-technology model.

The reason so many people focus on technology, as opposed to people or processes, is that it does a lot of the heavy lifting in a security framework.

Most data breaches are the result of basic mistakes that all three parts of the model address, but whereas ‘people’ and ‘processes’ are designed to change poor security habits – something that takes time and effort – security software can be plugged straight into the system.

It doesn’t address the root cause of the problem, but it prevents breaches from occurring.

For example, access controls, which limit who can view certain information, don’t stop an employee from wanting to view sensitive information (or even explain why this is a security concern), but they do ensure that a breach doesn’t occur.

There are myriad programs designed to protect your organisation in ways like this. In the next section, we run through some of the most common types of software and how they work.

Examples of cyber security software

Antivirus software is the quintessential example of cyber security technology. It was originally designed to root out viruses, but modern software now generally protects against a broad range of malware, including ransomware, keyloggers, Trojan horses, worms, adware and spyware.

The software scans your computers, looking for files that match its built-in database of signatures of known viruses and malware, and either deletes them or alerts you to their presence.
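To make the matching step concrete, here is an added Python example; it is not code from the original post or from any antivirus product. It hashes each file with SHA-256 and compares the digest with a small signature database. The sample files, the file paths and the signature entries are all constructed for illustration. The last sample file shows the main limitation of exact-hash signatures: a single changed byte gives a different hash and no match, which is one reason real products keep their databases updated and layer other detection methods on top.

```python
import hashlib
from pathlib import Path

# Constructed signature database: SHA-256 of known-bad file contents -> detection name.
# Real products use many signature types; exact-hash matching is the simplest to show.
KNOWN_BAD = {
    b"constructed-malware-sample-A": "Trojan.Constructed.A",
    b"constructed-keylogger-sample-B": "Keylogger.Constructed.B",
}
SIGNATURES = {hashlib.sha256(content).hexdigest(): name
              for content, name in KNOWN_BAD.items()}


def sha256_hex(data: bytes) -> str:
    """Hash file contents; the digest is what gets compared with the database."""
    return hashlib.sha256(data).hexdigest()


def scan_files(files: dict, signatures: dict = SIGNATURES) -> dict:
    """Return {path: detection_name} for every file whose hash is in the database.

    `files` maps a path (any string) to the file's bytes, so the scan can run
    entirely in memory for testing.
    """
    hits = {}
    for path, content in files.items():
        digest = sha256_hex(content)
        if digest in signatures:
            hits[path] = signatures[digest]
    return hits


def scan_directory(directory: str, signatures: dict = SIGNATURES) -> dict:
    """Read every regular file under `directory` and scan it (hypothetical helper)."""
    files = {str(p): p.read_bytes() for p in Path(directory).rglob("*") if p.is_file()}
    return scan_files(files, signatures)


# Constructed sample files standing in for a user's profile.
SAMPLE_FILES = {
    "C:/Users/alice/Downloads/invoice.exe": b"constructed-malware-sample-A",
    "C:/Users/alice/Documents/notes.txt": b"quarterly notes",
    # Same malicious content with one byte appended: an exact-hash signature no longer matches.
    "C:/Users/alice/Downloads/invoice2.exe": b"constructed-malware-sample-A!",
}

if __name__ == "__main__":
    for path, name in scan_files(SAMPLE_FILES).items():
        print(f"ALERT {path}: matches {name}")
```

Only `invoice.exe` is reported; `invoice2.exe` slips through despite being the same sample plus one byte, which is why a signature database alone is never the whole answer.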

Antivirus and anti-malware software are essential for all businesses that use online systems. Malicious programs are hidden in all kinds of files, and it’s only a matter of time before an employee downloads something harmful or a criminal otherwise infects your organisation.

Firewalls create a buffer between your IT systems and external networks. They monitor network traffic, and identify and block unwanted traffic that could damage your computers, systems and networks.

Implementing firewalls helps protect organisations from criminal hackers trying to break into their networks, and from outgoing traffic originating from a virus.

There are several inexpensive tools you can use to detect suspicious activity on your organisation’s networks.

Such activity includes attempts to access privileged information (whether by an employee or an external actor), login attempts from unusual locations, and unusual patterns in how information is accessed.

Monitoring this information gives you a head start when it comes to active or attempted system compromises.
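The following added Python example (not from the original post or from any monitoring product) shows what detecting two of the activity types listed above looks like when run over log lines. It flags successful logins from a country outside a user's known baseline, a run of failed logins for one user, and denied attempts to reach a privileged resource. The log format, the user baselines, the resource names and every log line are constructed for this example; a real system would read the authentication and access logs it actually produces.

```python
import re
from collections import defaultdict

KV_RE = re.compile(r"(\w+)=(\S+)")

# Constructed baseline: countries each user has legitimately logged in from before.
USER_BASELINE = {"alice": {"GB"}, "bob": {"GB", "IE"}}

# Constructed list of resources whose access attempts deserve attention.
PRIVILEGED_RESOURCES = {"payroll", "hr_files"}


def parse_line(line: str):
    """Parse 'TIMESTAMP key=value ...' into a dict; return None for unparseable lines."""
    parts = line.strip().split(maxsplit=1)
    if len(parts) != 2:
        return None
    ts, rest = parts
    fields = dict(KV_RE.findall(rest))
    if "event" not in fields or "user" not in fields:
        return None
    fields["ts"] = ts
    return fields


def detect_suspicious(lines, baseline=USER_BASELINE, failure_threshold=3):
    """Return a list of (timestamp, user, reason) alerts, in log order."""
    alerts = []
    failures = defaultdict(int)  # consecutive failed logins per user
    for line in lines:
        ev = parse_line(line)
        if ev is None:
            continue  # malformed lines are skipped rather than crashing the monitor
        user = ev["user"]
        if ev["event"] == "login":
            if ev.get("result") == "failure":
                failures[user] += 1
                if failures[user] == failure_threshold:
                    alerts.append((ev["ts"], user,
                                   f"{failure_threshold} consecutive failed logins"))
                continue
            failures[user] = 0  # a success ends the run of failures
            country = ev.get("country", "??")
            if country not in baseline.get(user, set()):
                alerts.append((ev["ts"], user,
                               f"successful login from unusual country {country}"))
        elif ev["event"] == "access":
            if ev.get("decision") == "deny" and ev.get("resource") in PRIVILEGED_RESOURCES:
                alerts.append((ev["ts"], user,
                               f"denied attempt to access privileged resource {ev['resource']}"))
    return alerts


# Constructed log lines in the format parse_line() expects.
SAMPLE_LOG = [
    "2024-03-01T08:12:00Z event=login user=alice country=GB result=success",
    "2024-03-01T08:13:10Z event=access user=alice resource=signup_contacts decision=allow",
    "2024-03-01T08:14:00Z event=access user=alice resource=payroll decision=deny",
    "2024-03-01T09:00:00Z event=login user=bob country=IE result=success",
    "2024-03-01T09:05:00Z event=login user=alice country=RU result=success",
    "2024-03-01T09:06:00Z event=login user=carol country=GB result=failure",
    "2024-03-01T09:06:05Z event=login user=carol country=GB result=failure",
    "2024-03-01T09:06:09Z event=login user=carol country=GB result=failure",
    "2024-03-01T09:10:00Z event=login user=bob country=GB result=failure",
    "2024-03-01T09:10:30Z event=login user=bob country=GB result=success",
    "garbage line that does not parse",
]

if __name__ == "__main__":
    for ts, user, reason in detect_suspicious(SAMPLE_LOG):
        print(f"{ts} {user}: {reason}")
```

Three alerts come out of the sample: alice's denied attempt on payroll, alice's login from an unusual country, and carol's third failed login in a row. Bob's login from Ireland is in his baseline and his single failure followed by a success is not reported, which is the point of keeping a per-user baseline and a threshold rather than alerting on every event.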

Access controls ensure that staff can only view information that’s relevant to their job. For example, someone in marketing needs to be able to view contact information for those who have signed up for a service, but they won’t need access to, say, HR files and payroll data.

Walling off those parts of the system ensures that staff can’t compromise that data, either accidentally or maliciously. It also protects organisations should a criminal hacker break into an employee’s account, as they will only be able to view a select amount of data.

How do you know which software is necessary?

The examples we’ve listed will be essential for almost every organisation, as they address universal issues. But what about other types of software, like encryption programs? Should you invest in those?

The answer can be found by conducting a risk assessment. This is a process in which you identify, analyse and evaluate security risks and determine appropriate solutions.

If, once you’ve completed the assessment, you decide that certain software is necessary, then you should purchase it. If you don’t need it, then invest your money elsewhere.

A software solution to help you decide

There’s a lot at stake when you conduct a risk assessment, so it’s a good idea to get expert advice. That’s where vsRisk Cloud comes in.

This online tool helps you conduct an information security risk assessment aligned with ISO 27001, the international standard for information security.

With vsRisk Cloud, you’ll get repeatable, consistent assessments year after year. Its integrated risk, vulnerability and threat database eliminates the need to compile a list of risks, and the built-in controls help you comply with multiple frameworks, including the GDPR.

