Is Your Company Prepared for a Cyberattack?

There is a disconnect between IT, the security department (if it is separate from IT), and administration.

By Sue Poremba | Posted Jun 17, 2010
Page of   |  Back to Page 1
Print ArticleEmail Article
  • Share on Facebook
  • Share on Twitter
  • Share on LinkedIn

WEBINAR: On-Demand

Learn How a Virtual Networking Approach Can Strengthen the Security of Federal Networks REGISTER >

In the time I've been writing on information security, I've noticed a disconnect between IT, the security department (if it is separate from IT), and administration. Security-related training is inadequate. Recently, I spoke with several business executives about IT funding and asked how spending for security fit into their budget; only one said spending on security was a priority. More disturbing was the executive who told me that he would worry about security when there was a problem. 

It appears I'm not the only one who has noticed this disconnect. Carnegie Mellon University released a report that stated most executives aren't involved with security on enterprise computer systems. According to an article in the Pittsburgh Tribune-Review:

The report found that a majority of companies don't have full-time privacy, security and risk executives responsible for those issues. Respondents indicated that corporate boards reviewing privacy and security issues weren't focusing on activities that would help protect the organization from high-risk situations, such as reputational or financial losses due to breaches of personal identity information or theft of confidential or proprietary information.

However, at a Bloomberg Link Boards & Risk Conference held in Washington, DC, earlier this week, security experts warned business executives that the time has come to put a lot more focus on security. Cyberattacks are happening with more frequency and every business is at risk, according to an article at Bloomberg BusinessWeek. Rachael King wrote:

Security experts such as Patrick Morley, CEO of enterprise security firm Bit9 say that attacks are on the rise. He predicts that security will move toward so-called white listing, the practice of defining the software that IT departments will let run on computers and mobile devices.

Comment and Contribute
(Maximum characters: 1200). You have
characters left.
Get the Latest Scoop with Enterprise Networking Planet Newsletter