Aust companies push tech security to top priority

[InfoSec News <isn () c4i org>]

http://www.zdnet.com.au/newstech/security/story/0,2000024985,20269645,00.htm

By James Pearce 
ZDNet Australia
05 November 2002

Security has pushed its way to the forefront of corporate
consciousness, according to an International Data Corp (IDC) survey of
Australia's medium to large organisations.

The survey revealed that 90 percent of respondents rated security as
"important" or "very important".

The results showed investment in IT security was increasingly the
result of proactive corporate policies and less a response to security
breaches, reflecting the rise in corporate concern over hacking and
virus infiltrations as well as a increased general awareness of
security issues.

However, around a quarter of respondents cited security breaches as
driving IT security investment, indicating several companies are yet
to properly prioritise the area.

A key driver behind security investment included increased usage of
the Internet and intranets, with two thirds of organisations rating
increased Internet usage as a dominant influence of security
investment.

Another key driver is the increase in mobile computing, with 31 per
cent of those surveyed indicating this had a significant influence on
investment.

Paul Ducklin, head of global support for Sophos antivirus, told ZDNet
Australia that changes in viruses were encouraging companies to become
more proactive. For instance, recent viruses such as Klez and Bugbear
spoof the sender address, so the old practice of informing people they
have a virus no long has any effect.

"Furthermore, modern viruses commonly and deliberately send out
confidential data, or leave behind back doors which open up networks
to later unauthorised access," said Ducklin. "Recent beefing up of
privacy regulations mean that confidentiality lapses of this sort are
no longer just the IT department's problem, they are very much the
board's problem, too."

According to Ducklin, the big threat in the past had been that a virus
could wipe your hard drive, but now the threat is the release of
confidential information. "If you think about it, if you've got good
backup you can restore a hard disk," he said. "What you cannot do is
recall an e-mail once it has been sent."

John Donovan, the general manager of Symantec, said the reasons for
purchasing security hadn't changed, but there is more clarity now.  
"The focus is coming from the top level, because they understand
security is a business issue, not just an IT issue," he said.

"There's a better focus on the context of those point product
solutions and the role they play in the enterprise," said Donovan.



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn'
in the BODY of the mail.