Never mind the hacker outside, beware the hacker within

[InfoSec News <isn () c4i org>]

http://www.haaretzdaily.com/hasen/pages/ShArt.jhtml?itemNo=304489

By Galit Yemini
June 17, 2003 

"About 70 to 80 percent of information security breaches in
organizations are caused by the firms' own employees, and not by
outside hackers," says Arie Danon, CEI of information security company
Symantec Israel.

"It is customarily thought that the danger to an organization is from
some crazy bored hacker sitting at home looking for a site to
vandalize, but in most instances this is not the case," says Danon.
"Most breaches and failures of information security in organizations
are caused by its
 
employees, whether maliciously, because the employee wants to take
revenge on the organization or because he has found an easy way to
make money, or by accident, when employees don't follow information
security procedures and cause information leaks from the organization,
a very common phenomenon."

In recent years Symantec, which purchased the Norton Anti-Virus
software program, has diverted the focus from the home market to the
organizational market. In the past four years, sales to the home
market have dropped from 70 percent of total sales to 40 percent, and
the trend is likely to continue.

This is no accident. The Gartner research company announced this week
that most organizations worldwide will invest more than 5 percent of
their information technology (IT) budgets on information security - an
all-time high. Organizational spending on security has grown by 28
percent annually since 2001, while IT budgets have grown by just 6
percent per year over the same period.

The technological abundance in this field causes problems. "The more
security tools an organization has, the harder it is to manage the
systems together," says Danon. "So this year Symantec entered the
Managing Security Systems (MSS) field, for the remote management of
security systems. Thousands of different kinds of warnings reach an
organization each day via various warning systems, and it is important
to collate and analyze the data in order to improve the quality of the
information coming from the systems."

Outsourcing is in

Baruch Gindin, CEO of Gartner Israel, says that the information
security field has changed its focus from management from within an
organization to outsourced management.

"One can see that organizations today prefer to buy security services,
and not specifically security software," says Gindin. "Instead of
buying a separate product each time, they prefer to buy a package of
products, and that someone else, an expert, manage the package for
them. Even though organizational spending on IT during the recession
declined by 10 percent or more, there has been no option but to
maintain spending on security."

This is the niche in which Symantec Israel has chosen to expand its
operations. Symantec has five Security Operations Centers (SOCs), in
Britain, Germany and the United States, which receive data from
security systems. These enable Symantec to manage the company's
information security remotely, to integrate the data arriving from
various organizations, and to identify trends in security problems
around the world.

Symantec obtained the technology for managing information security
remotely after acquiring the American Ribtech company in July 2002 for
$145 million. Symantec Israel, which sells its products to
organizations via business partners such as Ness Technologies,
Netvision and Spider, is trying to offer Israeli organizations its
remote security systems management.

Someone to call

"Data is sent to a COS abroad and is processed, but someone has to be
available for the Israeli customers here in Israel, in order to handle
a security problem when it crops up," says Danon. "Israelis love
having someone nearby whom they can call to handle the system all the
time, so we are looking for potential candidates to manage this
operation in Israel. It will ultimately be worthwhile, because
outsourcing of security systems is a natural extension of outsourcing
IT in general."

In the meantime Symantec is not establishing a development center in
Israel, but is planning to continue its sales and business partnership
activities with Israeli companies. Danon figures that the information
security market in Israel alone is worth $30 million a year. The IDC
research company estimates that the market for information security
software will more than double by 2006.

Despite this great potential for growth, however, the veteran market
players must beware. Microsoft has already declared that the
information security market is the next field on its agenda, and to
prove it acquired anti-virus technology from a Romanian company called
GeCAD Software last week.

"The information security and anti-virus field has never interested
Microsoft," says Arie Scope, CEO of Microsoft Israel, explaining the
software giant's latest move, "but since Microsoft has been blamed so
often for the infiltration of viruses due to insufficient security,
the company realized that it has to tackle the security problem
itself."

The biggest fear of companies in the information security field is
that Microsoft will use its platform to distribute anti-virus software
free, as it did in its campaign against Netscape over Internet
browsers, and will almost wipe out the market.

This fear is not exaggerated. "It is almost certain that Microsoft
will distribute its new anti-virus program free," says Scope, "not
with the intention of destroying competitors, but to provide better
service to customers. If customers want more sophisticated
supplementary products, they'll buy them from companies that
specialize in information security."
 


-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn'
in the BODY of the mail.