IT directors under fire for poor security policies

[InfoSec News <isn () C4I ORG>]

http://www.silicon.com/public/door?REQUNIQ=961040040&6004REQEVENT=&REQINT1=38064&REQSTR1

Thursday 15th June 2000

IT decision makers have come under fire for failing to invest in
adequate network security as more companies adopt ecommerce
strategies.

According to a report by research house Ovum, organisations are
increasingly relying on an out-dated approach to security.

Graham Titterington, analyst at Ovum and author of the report, claimed
companies are focussing too much on "preventing users from accessing
networks as opposed to protecting confidential information once the
user had gained access".

He said ecommerce invited users onto company networks and that "the
biggest threat to the corporate network lurks within the boundaries of
organisations".

He added that companies that demonstrate they had an adequate security
set-up gained the trust of customers, which could provide core
business opportunities.

Tittington warned that the absence of industry standards and the lack
of interoperability capabilities among vendors was cause for concern,
as companies will not be able to implement an integrated security
management systems to co-ordinate security tools and applications.

A failure to distinguish between different applications and systems
also left the network vulnerable to intruders.

A report by Frost and Sullivan claimed IT directors had limited
knowledge about the tools available and did not realise the level of
investment required to secure the networks. The report accused
companies of not spending sufficient money on implementing the complex
tools.

ISN is sponsored by SecurityFocus.com
---
To unsubscribe email LISTSERV () SecurityFocus com with a message body of
"SIGNOFF ISN".