Start-ups should adopt a risk management strategy to minimise security threats online, according to a new report by independent technology analysts Ovum.
According to the report, businesses must develop a new line of defence to ward off security threats including cyber espionage, online fraud, compliance, the protection of intellectual property.
Graham Titterington, Ovum analyst and author of the report, says security needs are growing fast.
“Businesses are facing a large-scale, well organised and well resourced criminal network which is intent on defrauding them and their customers,” Titterington says.
“On top of this, there is the growing threat of cyber espionage and the need to meet ever more stringent compliance requirements.”
“In addition, while cloud services and virtualisation have many advantages, they also bring their own dangers.”
“We believe this ever-growing list of new threats needs a new approach to security and the focus should now be on protecting assets rather than defending perimeters.”
Titterington says businesses should adopt a risk management strategy that allows them to manage threats when they become a risk, rather than limiting their impact.
He says every business should tailor its security spending to reduce online threats as much as possible.
“You have to decide where the cost benefit lies – where to stop and what to prioritise so that what you do spend gives you much more benefit,” he says.
He believes vendors have a key role to play and should ensure they are addressing the changing priorities of businesses in the products and services they provide.
“Businesses are looking to vendors to provide leadership and advice to help them through the fast-moving security landscape,” he says.
“There are also significant new opportunities for vendors in securing new mobile devices such as tablet computers and smart phones.”
“In addition, the range of emerging data and content services also represent a good opportunity for vendors.”
“They should adapt their products and services to whatever the emerging threats are and the threats that most need to be detected,” he says.
“For example, most of the attacks today come from websites whereas a few years ago, most of the attacks came through email attachments.”