<img alt="" src="https://secure.badb5refl.com/165368.png" style="display:none;">

Walking the Line Between Compliance and Productivity in your Security Program

By Natalie Anderson on June 6, 2023

Subscribe to the Apptega blog

Walking the Line Between Compliance and Productivity in your Security Program

June 6, 2023 | BY Natalie Anderson

James Ogier, Resolution IT's senior information security consultant, is a big proponent for creating cybersecurity programs that both address the information security needs and elevate company productivity and success – but how is this actually done?  

"There's a fine line between being a secure organization and being a productive organization," says Ogier on the most recent episode of the Apptega De-Risking Business Podcast. And the best cybersecurity programs prioritize information security in a way that optimizes for business goals.  

A security program should serve as a facilitator of business growth, rather than a blocker. Ogier has seen firsthand that by fostering collaboration and communication between consultant and client, shaping policies to match the specific business needs, and performing risk assessments that show an understanding of how security can contribute to overall growth objectives, security can become a business enabler.  

Doing the Basics Well 

For businesses in highly regulated industries, there is immense pressure to get the fundamentals right. Compliance obligations, due diligence with third parties, and good cyber hygiene are all crucial – but without a secure foundation all efforts will ultimately fall flat.  

The basics -- which often consist of employee awareness training, multi-factor authentication, and vendor vetting -- set the tone for the entire security program. But when starting the journey toward cybersecurity readiness, businesses often wind up poorly prioritizing the necessary steps, ignoring employee buy-in and awareness training, which ultimately harms the business’s security posture. 

To add the most value, MSPs must be able to strike a balance between adequately addressing risks and avoiding wasting time and resources; and the key to this is to break down objectives into manageable and measurable steps progressively built on top of the basics to create a proportional security system custom fit to the business’s goals and growth. By continuously growing a cybersecurity program from a solid base, organizations can make progress without overwhelming themselves and impacting productivity. 

As Ogier says, the basics, combined with proportional security measures, act as facilitators of business growth, rather than blockers, and organizations can maintain productivity and expedite growth with the backing of an information security program built upon a strong foundation. 

Listen to the full episode here.  

More Resources

GBQ Joins Apptega’s Growing Network of Firms Dedicated to Building World-Class Compliance Programs  

Today Apptega announces a partnership with GBQ Partners LLC (GBQ), a top 100 tax, accounting and consulting firm headquartered in Columbus, OH.

Learn More

Apptega Lands 39 Badges, including GRC Momentum Leader, in Fall G2 Reports

Apptega, the end-to-end GRC platform for forward-thinking IT and managed service providers, earned 39 high-performer and momentum leader badges in G2’s fall reports.

Learn More

Unlocking Value with the Insider Direct Model

By shifting the value from products to consultants, the insider direct model empowers cybersecurity professionals to deliver their expertise with an unwavering commitment to the protection and compliance of the customer.

Learn More

Subscribe to Our Cybersecurity Insights