ITIL provider Axelos has launched a new best practice portfolio as part of a cyber-security accreditation venture; but security experts warn that certs are “just one piece of the puzzle”.
The Resilia portfolio announced yesterday by Axelos – a joint venture between the Cabinet Office and Capita – includes best practice guidance, executive training and company awareness training for cyber security.
“Portfolios such as RESILLIA have their place in the cyber security landscape, as many certifications do. The elephant in the room is that unless they form part of a wider company awareness and training programme they are more akin to wall papering over a large crack”, Matt White, senior manager in KPMG’s cyber security practice told ComputerworldUK.
“Upon initial inspection it looks like there is no crack, but if you probe the wall you find there is very little resistance and your hand breaks through.”
White says that certifications and solutions form “a vital piece of the puzzle” but basic awareness from top level senior executives, throughout the entire firm is a “crucial first step of a pragmatic approach.”
Firms that have deployed a ‘point solution’ to protect themselves have been “misguided”, White said.
“Many people install an alarm at their home because they know that a locked door alone is not sufficient and the same theory applies here: a product alone does not make a business secure.”
Another security expert, Serena Gonsalves-Fersch, who leads the UK Cyber Academy at KPMG, warned: “We cannot just assume that the solution is as simple as paying for training courses and collecting alphabets – needs and requirements have to be assessed first and the correct training courses applied.
“Before spending limited resources buying expensive training and certifications, organisations need to invest in a skills assessment and training needs analysis to ascertain what their needs are and what capabilities they need to keep their organisation and people safe.
View the original content and more from this author here: http://ift.tt/1JqndSY
from cyber security caucus http://ift.tt/1KE0hOR
via IFTTT
No comments:
Post a Comment