The scale of the perceived security threat to the internet has changed, it is claimed in a survey by investors 3i.
The scale of the perceived security threat to the internet has changed, it is claimed in a survey by investors 3i. ‘E -security expenditure has so far clustered around obviously sensitive sectors, such as financial services and government, which have appeared
vulnerable to attack largely because of the confidential nature of the data they hold. But after the indiscriminate attacks on New York and Washington, it’s clear that any business which relies on the storage and transmission of electronic data, and there aren’t too many that don’t, is at potential risk. Terrorists may try and test out the claims of hackers that the internet can be taken down, at least temporarily, by a concerted attack. Governments can do even more damage: at a conference in Sydney in July 2001, the chief of the Australian Defence Forces warned that more
than 30 countries had advanced and aggressive programmes for waging war by computer. If the very infrastructure by which firms conduct electronic business appears to be under threat, then almost every industry has a vested interest in e-security.’
The current buzz may be around the threat posed by terrorists, the survey adds, but most e -security breaches begin at home: ‘Estimates indicate that anywhere from 60 per cent to 70pc of corporate e-security breaches come from within corporate walls.’ The survey adds: ‘Fostering a sense of loyalty among employees
is crucial to insuring against t he threat of internal sabotage – and that’s not the job of the IT department but of HR and other senior executives. Physical security procedures, based around biometrics and smart cards, are clearly relevant here too.’ Indeed, when industry figures were surveyed by 3i, the likely threats to the coporate world mentioned were white -collar crime, corporate espionage and internal sabotage. About half of e-security spending goes on authentication and administration and network security (including firewalls).
More companies are turning to dedicated security services firms to run their security infrastructure, it is claimed. ‘Managed Security Services, or MSS as it’s known in e-security lingo, still suffers from a natural reluctance to trust outside firms with security issues, but should do very well in the long term.?
Managing security isn’t an event but a process, the survey points out. If an entire security suite was bought for the company last year, that does not mean that security has been taken care of. However: ‘In the aftermath of the attacks in the US, even more companies are likely to see security as a product to fend off criminals once and for all.’