2017 STATE OF T THE SECURITY INDUSTRY REPORT
Implementation of
Cybersecurity strategy and policy
Respondents were asked if their fi rm has created a
Cybersecurity strategy for internal policy and/or for your clients.
Cybersecurity Not Ready
for Prime Time
The threat of a major cyber-attack is a
reality all organizations live with every
day. So does it make sense for system
integrators to act as a conduit between
their end user clients and technology
vendors for best practices when it comes
to cybersecurity? For most integrators,
the jury is still out. Many integrators
neither have the personnel or internal
expertise to provide consultative
cybersecurity services to their clients.
So, according to cyber experts sharing on
SecurityInfoWatch.com, there are some
basic steps any integrator can take to
increase the cybersecurity capital with
customers.
• Apply the National Institute of Standards
and Technology (NIST) Framework
for Improving Critical Infrastructure
Cybersecurity, which covers the core
principles of “Identify, Protect, Detect,
Respond, and Recover;”
• Continuously assess and detect the
presence and impact of vulnerabilities;
• Adopt a coordinated vulnerability
disclosure policy and practice; and
• Defi ne playbooks and mitigation actions
that address cyber risk early and prior to
exploitation.
Using g some of these simple p practices,p
integrators can help clients id
vulnerabilities, discover relev
and assess services and strat
survey respondents who we
their fi rm has created a Cybe
strategy for internal policy an
external policy for their clien
overwhelmingly non-comm
More than 67% answered the
offered internal policy for the
(35%) or had no policy or stra
internal best practices and n
for their clients (33%). Those
percentages. The more prog
integrators – 25% – offered b
and policy and acted as a tru
for their clients in all thing cy
7% didn’t have strong interna
for their own fi rms, but were
cybersecurity advisors for th
identify
relevant actors
strategies. Yet,
were asked if
Cybersecurity
and/or
clients were
committal.
they only
their own fi rms
strategy for
none planned
Those are revealing
progressive
both internal
trusted advisor
cyber, while
internal policies
trusted
their clients.
As a service/trusted
advisor capacity for
our clients only
6.9%
Internally only
35.0%
No
32.8%
Both internally and
as a trusted advisor
for our clients
25.3%
10 This Exclusive Report is Sponsored by