Where is the Security Poverty Line?
“Companies under the security poverty line... are the ones that are just not capable of fixing any of the software themselves; either it’s not theirs and they are reliant on third parties who may or may not fix it, but also if they have any infrastructure, it has so much inertia and they have so little expertise that they don’t know where to start… “ Wendy Nather (2013)
How can you discover where a business is relative to this poverty line? It’s simple, just check out our infographic by clicking the image above. If you’d rather read it in text instead, continue on to find answers to the question: “Where is the Security Poverty Line?”
Below is a guide to the levels of IT security seen in the workplace.
This level is a myth. With enough time, tools, skills and motive, any security measure can be overcome.
Occasionally a government office or enterprise achieves this level of security. This is what you need to fend off a state funded attack.
Where a good assessor can get you
This level is similar to “good security” but with the addition of all the bells and whistles. This can be expensive, and cost ineffective for SMBs.
You know IT security is critical, and have invested the time and effort to implement strong IT security above and beyond the call of duty.
What your organization minimally needs
You know that security is a process, not a product. With the right tools at your disposal your business should be safe from all but the worst APTs (Advanced Persistent Threats).
The Splash Zone -
Your ship isn’t underwater, but one good wave could change that.
This is where some organizations wind up. They buy a bunch of security software, hire assessors, and feel that they have bought good security.
Sufficient against a casual attacker
This level of security will be able to stop most low-skill attackers. You’ve got all the critical must-haves as well as a bit of extra know-how.
Enough to pass a serious audit
Critical systems are up and running, and you appear to be trying to improve your security. You’re not, but you seem busy.
Security Poverty Line
Now your ship is taking on water and you’ll have to work hard to stay afloat.
Enough to fool a standard audit
You’ve got some functional security, but your security systems are piecemeal. Systems appear more secure than they are.
What your organization thinks it needs
“We’ve got a firewall, antivirus, AND antimalware. That’s as safe as it gets!”
The blind leading the blind…
The good news is that James from shipping has set up a router before. The bad news is that he also has two felonies on record… for cybercrime.
Now that you have a better understanding of the Security Poverty Line, why not use it to your own benefit? Download a high-resolution copy of our infographic, print it out, and share it at a meeting, during a consultation, or with your customers. Knowing is half the battle, and infographics are a great way to educate and inform.