Bob Forsyth, the Managing Director of MITIE Total Security Management (TSM) introduces his third blog on Infologue.com by asking if Cyber security – is out of sight really out of mind? Bob writes; Cyber security poses a growing and significant risk to the UK’s security and economy and its inclusion on the government’s national risk register highlights the significance. Generally cyber security budgets are increasing while physical security budgets are being reduced which suggests organisations face an emerging threat.
The threat to the UK comes from other states, terrorists and criminals operating in cyberspace, and with the cost to our economy reaching £27bn annually, I’ve been thinking about how we, in the private security industry, can help to mitigate these risks. As practised professionals in securing organisations against the physical threats we can see – such as intruders and vandals – we are confident in providing a physical presence to serve as a deterrent. But how do we begin to help secure them against risks and threats that we cannot see, hear or touch? And do we really understand the threats posed by intellectual property (IP) theft and industrial espionage?
Whether we do or not, the fact is that they exist, and we must consider how best to protect information about people, and products and services. The management of information security could and should be incorporated into the overall security strategy for an organisation. Greater integration of information security with physical security is needed. In my view, securing these two elements currently happens in isolation of the other, but an all-encompassing, integrated risk-based approach will help organisations to understand and manage their vulnerabilities and implement tailored IT security policies.
Raising awareness of the risks posed through social networking sites for personal and professional use should also be high on the agenda and we need to emphasise the vulnerability of company IT systems. The extent of the insider threat also needs to be recognised. One of the greatest risks to the integrity of an organisation’s IT system comes from those already employed there.
All in all, cyber security is our responsibility, and we must provide clients with comprehensive protection of their assets, buildings, people and reputations. As standard practice cyber security should form part of the risk review and must not be considered separately. We must embrace the unknown and not be afraid of what we cannot see.
Read Bob’s first blog: Security managers are relevant again in procurement
Read Bob’s second blog: What do we really mean by adding value?
Bob Forsyth, the Managing Director of MITIE Total Security Management (TSM) has over 15 years’ experience in the service industry. He is a strong relationship builder who is financially astute with excellent negotiation and communication skills, and the ability to work with people at every level. A team player, Bob is able to lead by example.
A member of the Institute of Directors (IOD), Bob has recently completed a Leadership course at Cranfield University. He is a keen advocate of MITIE’s partnership approach and is a champion of the business’ strategic risk-based approach. He sees this as an opportunity to move the business forward, and as such has launched a dedicated security risk and business resilience team since his most recent promotion. He takes every opportunity to promote MITIE’s presence within the industry through his involvement with industry bodies such as City Security and Resilience Networks (CSARN) and the British Security Industry Authority (BSIA). Bob is also a member of the RISC (Resilience Industry Suppliers Community) which is the leading business think tank on UK Security advising government on security.