By Tony Anscombe
Email, thecoastnewspaper@gmail.com
Businesses routinely evolve alongside the challenges of their operating environments. If the challenge is power, they ensure they have a power backup.
Organisations that cannot afford downtime invest in connectivity failover. And yet, when it comes to digital infrastructure, many businesses treat “security” as a separate, IT-delegated silo rather than a core pillar of operational performance and, in the worst-case scenario, survival.
This is a mistake, because the era of viewing cybersecurity merely as a defensive IT function is well and truly over. Cyber risk is fundamentally a business risk, which means that true resilience demands a commercial, rather than a purely technical, approach.
What does this mean? If we are honest, security is often viewed as a grudge purchase. Imagine a boardroom where a Chief Information Security Officer requests a budget of about Ksh77 million based on detailed threat modelling.
The board reviews this and counters with approving Ksh46 million. That Ksh31 million difference is not a savings for the business. It is an unmitigated financial risk that the business…
