Internet Security Not Pressing to All

Internet Security Not Pressing to All


http://www.washingtonpost.com/wp-dyn...-2002Sep8.html


"The positive news is that industry is talking the talk of the need for improved information security," said David McCurdy, executive director of the Internet Security Alliance. "The negative news is that very few are walking the walk."

Nearly 90 percent of 227 companies that responded to a survey said information security was essential to the survival of their business. However, 30 percent said their plans for dealing with technology threats were inadequate.

About half of the respondents reported that the Sept. 11 attacks made them "more concerned" about cyber-terrorism, but almost as many respondents reported no change in their attitude.

According to those who conducted the survey, many companies might still believe that the potential losses from a cyber attack are not yet great enough to warrant increased spending on security.

********************************

i think it just really erks them to have to pay us what were worth for having such a great time. Somehow it goes against their sense of values.

Quote:

---

According to those who conducted the survey, many companies might still believe that the potential losses from a cyber attack are not yet great enough to warrant increased spending on security.

---

A couple years back, Forrester Research, Inc. found that Fortune 1,000 firms were spending less on security than they spend on coffee and soft drinks. Now, I guess it's still valid, even after 9/11.

As a worker myself, I know some facts about Internet Security in some companies:

• No security policy in place; or there is one, but they don't enforce corporate-wide compliance. Also, they tend to say “We’ve put in firewalls, so our network is secure.”
• Businesses are aggressively incorporating new network technology into daily operations. But, there are always not enough people to do the job, or, the people that are available lack the necessary skills.

I think education is the key, but like an AO quick tip from thor, "Companies will train staff how to sell, but they are selling themselves short by a lack of security training." Hmmm... this must be changed. Now.

Peace always,
<jdenny>

Quote:

---

A couple years back, Forrester Research, Inc. found that Fortune 1,000 firms were spending less on security than they spend on coffee and soft drinks. Now, I guess it's still valid, even after 9/11.

---

How terrible this lack of security. This is mainly due to the ignorance of those people about the security threats or may be the don't care attitude. Also people think that attacks will not happen to them and even if there is an attack, they will be secure with their data.

As the policies of the company changes, at times, they can't incorporate those changes into their n/w security. That sometimes makes problems.

I think Bruce Scheiner put it very well in his article in The Atlantic. Too much reliance on technology and not enough on general common sense and intelligence will bring us down. We always assume that things will go right and never think of the what if things go wrong.

And its not just the Corporate level. I'm trying to convince my college that having a diploma and/or degree program oriented towards security would be a good thing. They don't believe there is a market for it.

It's like everything else. After 9/11 people were concerned about cyber terrorism, just as they were about real life terrorist attacks. The fear has worn off in both cases. Until business and the public begin experiencing more in both areas, cyber and real life, the status quo will remain.