To earn or to serve?
Posted: Wed Feb 12, 2025 9:54 am
What task should the information security service perform - to generate direct income, as the company's direct business, or to serve the main business, as is typical, for example, for the accounting or HR department?
Fortinet's Head of Systems Engineers, Alexey Andryashin, suggests treating information security as a critical business process that is directly related to virtually all areas of the company's activities and on which the success of achieving its main mission directly depends.
Anton Svintsitsky, Director of Consulting at DialogueNauka, has a less radical opinion on the role of information security. He sees the goal of a corporate information security service and information security management as allowing an enterprise to earn more by reducing operating costs for eliminating the consequences of information security incidents. "If your enterprise does not engage in information security, business processes will most likely not stop immediately, but you will not have a basis for making correct and timely management decisions in the event of incidents, and their consequences may be much more mexico whatsapp data than with an information security system," he believes.
Konstantin Zats, an engineer in the information security department at Compulink, agrees that the role of information security is still auxiliary, allowing for the reduction of business process costs and the acceleration of business growth. At the same time, this role, due to its specificity, has a great impact on the company's activities and requires the introduction of many restrictions and prohibitions into work processes.
The IT security director, as a key figure in corporate information security management, is obliged to understand the business objectives and select the information security tools that will best help solve these problems, explains Ivan Ozerov.
Fortinet's Head of Systems Engineers, Alexey Andryashin, suggests treating information security as a critical business process that is directly related to virtually all areas of the company's activities and on which the success of achieving its main mission directly depends.
Anton Svintsitsky, Director of Consulting at DialogueNauka, has a less radical opinion on the role of information security. He sees the goal of a corporate information security service and information security management as allowing an enterprise to earn more by reducing operating costs for eliminating the consequences of information security incidents. "If your enterprise does not engage in information security, business processes will most likely not stop immediately, but you will not have a basis for making correct and timely management decisions in the event of incidents, and their consequences may be much more mexico whatsapp data than with an information security system," he believes.
Konstantin Zats, an engineer in the information security department at Compulink, agrees that the role of information security is still auxiliary, allowing for the reduction of business process costs and the acceleration of business growth. At the same time, this role, due to its specificity, has a great impact on the company's activities and requires the introduction of many restrictions and prohibitions into work processes.
The IT security director, as a key figure in corporate information security management, is obliged to understand the business objectives and select the information security tools that will best help solve these problems, explains Ivan Ozerov.