How Smaller Companies Can Set Cybersecurity PrioritiesConsultant Nic Miller Highlights Critical Factors to Consider
Small and midsize companies don’t need to spend money on expensive security products, says cybersecurity consultant Nic Miller, but they must consider several critical factors as they devise their strategies.
See Also: A CISO's Guide to Communicating Risk
"Businesses right now are leaving their front doors wide open," he says. "And what we're not talking about is turning those businesses into Fort Knox. We're talking about shutting and locking the door. Opportunistic cybercrime costs businesses a huge amount of money, and it would be incredibly easy and cheap to stop the majority of that cybercrime."
In a video interview with Information Security Media Group, Miller discusses:
- How smaller organizations should assess their tolerance for risk;
- Factors to keep in mind when setting security investment priorities;
- The trade-offs when using cloud services and personal devices.
Miller is the owner and director of Aedile Consulting, a U.K.-based company specializing in cybersecurity. Previously, he was CISO for Brevan Howard, a global hedge fund, and security operations lead for IG, a financial services firm that provides a derivatives trading platform. He began his career at the UK intelligence agency GCHQ, working on cybersecurity, counter-terrorism and other issues.