Figuring out whether a data center is spending enough on cybersecurity is easy in theory but not in practice.
First, you determine your appetite for risk. Second, you determine the potential impact of a cyber incident to your critical assets and systems. Third, you determine the vulnerability of those assets.
Multiply the potential impact by the degree of vulnerability, and you get your total risk exposure. If the total risk is higher than what you can tolerate, you need to beef up your cybersecurity.
A company’s tolerable level of risk depends on its size, industry, and market positioning.
“Is your goal to track the spend of your competitors, or to be known for delivering more exceptional service in a more secure way?” asked Ramon Peypoch, chief product officer at the Denver-based network security company ProtectWise. “You can use security as a driver for your business if you adopt the approach that you’re going to deliver the most secure data center operations and not be part of all the high-profile breaches out there.”