Why don’t business guys get it? Unclear. As a business guy I know I need to be secure, but it often seems overwhelming.
Is endpoint enough? We’ve installed all the recommended tech yet we’re still having issues. Is there ever a finish line? Unfortunately, no. Security is, and always will be a continuum. As business users look for more efficient (read easier ways) to work with partners and vendor’s security postures get stretched, extended and sometimes breached.
Take for example Dropbox or Google drive. When they first came out people recognized that this was a great way to share and collaborate with folks outside of their organization. What they failed to realize is that they also created a very efficient way for folks to ex-filtrate data from their organization. Sometimes new business efficiencies inadvertently create security gaps.
Try to articulate to the business side of the house that security is an on-going evolving effort. Use concrete realistic examples of how the business is exposed. Business leaders are usually pragmatic. They will tend to look a issues as risk vs. reward. Help them to see the risk clearly and they will spend appropriately.
Check out these related blog posts!