SME'sThe improvement or maintenance even of a certain security standard is a demanding task for most SME's. Cyber security is composed of many disciplines including enterprise security architecture, threat intelligence, risk management, governance, defence, detection, response and recovery. A multi-layered model to cyber security is essential, as cyber criminals become increasingly adept and circumventing the perimeter defences.
Awareness SMEs must become aware of threats and build capabilities to counter these threats with a risk led approach, based on awareness of there specific threat landscape. Risks If not already in place, it is imperative that the current state cyber security posture is determined, risks ar surfaced and a roadmap for improvement is put in place. Roadmap This roadmap will have "quick wins", lightweight capability building and longer term recommendations. Tools Cyber security tools and solutions must be affordable, easy to use, install, low maintenance, address security requirements and be adaptable. Services One of the biggest challenges for SMEs in improving their cyber security posture, is the rapidly shifting threat landscape, increasing attack surface and the effort, commitment and funding needed to keep identification, protection, detection, resolution and recovery services up to date and effective. Without dedicated support, few SME's have the internal resources for this to work. Its specialised, complex, constantly moving and increasingly an existential threat. Outsourcing More and more companies are realising that it's more cost effective and far simpler to maintain resilient cyber security through outsourcing. |
Large EnterpriseLarge enterprises are much more likely to have a dedicated in-house cyber security team. Cyber security is typically significantly more secure, greatly increased adoption of technology, automation and digital transformation. Cyber security frameworks have been implemented, including governance, policies, procedures, capabilities, roles and responsibilities.
Improvements maybe needed to maintain compliance, as standards expand to counter new or increased threats driven by digital transformation and the adoption of new technologies and services. Customers are also placing additional cyber security requirements on their suppliers as part of securing their supply chain. Some of the biggest challenges we see in large enterprise is retrofitting cyber security enterprise architecture and managing a vast IT landscape supported by many different vendors and outsourced partners. Retrofitting new or enhanced controls can also be challenging where existing IT doesn't support their incorporation. Asset inventories maybe out of date, IT estates poorly documented, IT support responsibilities are poorly managed, partial monitoring is in place, misaligned IaaS, PaaS, SaaS responsibilities, outdated patching and a lack of training to accommodate human factors. In addition, high tech companies often are subject to persistent threats from state actors, who are well funded and resourced, combined with the latest cyber crime technologies. Resilience for large enterprise is a constant battle, which competes for scarce budget, resource and prioritisation. A global shortage of cyber security professionals further exacerbates efforts to win the resilience battle. As a result, large enterprise are increasingly leveraging outside help with skills and capacity gaps and shortfalls. |

S1
Preventing Data Leaks
& Major Incidents
Dettica ConsultingEnabling resilient Cyber Security
for everyone. |
Who We Are |
|