This site uses cookies. By continuing to browse this site you are agreeing to our use of cookies. Find out more.X

Claims made that automation is the best way to cut risk and become compliant

Share this article:

A forum has declared that automation is the only way to cut risks and achieve compliance.

At the recent Security Risk & Compliance Forum in London, organised by Skybox Security and BT, it was claimed that enterprises that do not have automated methods for finding network vulnerabilities and tracking risks are gambling with their corporate data and reputation.

Of those businesses surveyed 75 per cent reported significant growth in their networks in the past year, while 63 per cent said they used automated solutions for identifying risk and compliance issues and vulnerabilities in their network.

When asked to name the single IT risk or compliance issue that kept them awake at night, 44 per cent of the people surveyed named identity and access management, 38 per cent expressed concerns about board-level interference with security policy decisions, and 18 per cent said cutting risks of data leaks and losses was the issue that concerned them the most.

Speaking at the event, Stephen Bonner, global head of information risk management for Barclays Group, said: “Something has got to give, you have got to make sure that you are going to business but you need to find a way to stretch money, but how?

“There is a lot of movement into offshore but risk continues as part of that. Do not push third party supplies so that they fail, who has the data? Many organisations understand that, as they make sure that the risks are understood.”

He later claimed that if things do go wrong, ‘this is a great time to start again'. Bonner said: “There is a bright future, those who weather the storm will come out stronger so there is the opportunity to look at what you do and focus right.”

Ray Stanton, global head of business continuity, security and governance requirements for BT, used his presentation to show how organisations that manage risks effectively are better positioned to respond to and remedy adverse events, helping to protect their brand's reputation and control costs.

Stanton said: “It is about being agile and keeping an open mind. You do not have to update your technology but be risk and security professionals and do the right thing for the company, be risk resilient.”

Gidi Cohen, CEO and founder of Skybox Security, warned that periodic audits and checks on security systems are no longer enough to ensure effective risk mitigation and policy compliance.

Cohen said: “Every change, every update to systems affects an organisation's compliance status. Manual audits and checks take too long and can leave systems dangerously vulnerable to exploits. Automation reduces the window of exposure, and helps to ensure risks are managed and compliance is maintained.”

Share this article:

SC webcasts on demand

This is how to secure data in the cloud


Exclusive video webcast & Q&A sponsored by Vormetric


As enterprises look to take advantage of the cloud, they need to understand the importance of safeguarding their confidential and sensitive data in cloud environments. With the appropriate security safeguards, such as fine-grained access policies, a move to the cloud is as, or more, secure than an on-premise data storage.


View the webcast here to find out more

More in News

VC cyber security funding tops £850 million

VC cyber security funding tops £850 million

A new study from US-based research firm CBI Insights reveals that corporate cyber security investments have risen five-fold since 2009, with 30 percent growth in the last year alone.

Russian/Chinese cyber-security pact raises concerns

Russian/Chinese cyber-security pact raises concerns

News that Russia and China are set to sign a cyber-security treaty next month have left Western cyber experts unsure whether it is a threat or a promising development.

UK police arrest trio over £1.6 million cyber theft from cash machines

UK police arrest trio over £1.6 million cyber ...

London Police have arrested three suspected members of an Eastern European cyber-crime gang who installed malware on more than 50 bank ATM machines across the UK to steal £1.6 million.