June 27, 2005 (IDG News Service) --
There isn't a colored alert system indicating the threat level faced by global information systems. But if there were, former White House security director Paul Kurtz figures it would be bright orange for "high risk." "It's not appropriate to say the sky is falling, but I do think we are taking information security for granted," Kurtz said during an interview on Friday. It's this concern that prompted Kurtz, executive director of the Cyber Security Industry Alliance (CSIA), to come to Europe last week. CSIA, a public-policy advocacy group focused on cybersecurity issues, was launched in February 2004 by a handful of IT security firms, including RSA Security Inc., McAfee Inc. and Symantec Corp. It's now seeking to expand its membership in Europe and begin tackling issues across the Atlantic. Industry representatives approached Kurtz about his current job early last year, while he was serving as special assistant to the president and senior director for critical-infrastructure protection on the White House's Homeland Security Council. Those roles left him responsible for both physical and cybersecurity issues. "At first, I thought Washington needs a new association like a hole in the head. But then after I thought about it, I elected to leave the White House," Kurtz said. Part of the reason was that cybersecurity had been "put in the back seat" while physical security took precedence, he said. "It was very frustrating," Kurtz added. At CSIA, Kurtz and the member companies want to work on global cybersecurity issues such as privacy and information integrity, as well as help develop policies like notifying the public when personal information has been exposed in a data breach. The group is focused on enterprise issues and is CEO-driven -- its board comprises executives from McAfee, Symantec and RSA, among others. "The bottom line is that the private sector is going to get attacked," Kurtz said. The U.S. government isn't taking cybersecurity seriously enough, he said, noting that it reduced research and development spending for the area in its latest budget. One possible reason for the lack of concern is that some government officials still believe cybercriminals are "pimply-faced teenagers," not organized crime gangs, according to Kurtz. But for the private sector, the threat has become much more real as recent high-profile cases have grabbed headlines and shaken consumer confidence. In just one recent incident, it was revealed that some 40 million credit card numbers may have been accessed by a hacker who infiltrated the network of a company that processed payment information for MasterCard International Inc. (see "Security breach may have exposed 40M credit cards"). "As we've seen over the last few months, a lack of attention
Moving to Windows Vista: The Promise, The Reality View this exclusive webcast today! Go to the webcast
Computerworld Executive Bulletin: Building a Robust Antivirus Defense
Download this Executive Bulletin (a $49.95 value) for free, compliments of MessageLabs. (Source: MessageLabs) Antivirus software alone isn't enough to prevent today's speedy, sophisticated virus attacks. Security managers should consider multitiered approaches that include behavior scanning, appliances that check e-mail for worms, and restricting user access to dangerous Web sites. Download this Executive Bulletin (a $49.95 value) for free, compliments of MessageLabs, to learn more. Download this executive briefing
Quick Sizing Guide for SAS Grid Running on HP BladeSystems and EVA Storage
Download this white paper today! (Source: HP) Designed for CIOs, IT managers, data center managers and grid computing architects seeking to improve performance, SAS Grid Computing on the HP BladeSystem c-Class helps accelerate growth and mitigate risks with a simplified, consolidated infrastructure that's agile enough to efficiently handle change. SAS Grid Manager on HP BladeSystem can lower costs through automation, virtualization and improved IT efficiency. Download this white paper
White Papers
Read up on the latest ideas and technologies from companies that sell hardware, software and services.
Securing your network begins at the gateway, also called the perimeter, to keep unauthorized users, viruses and malicious code from entering your systems. Deploying multilayer technologies is your first line of defense. With the mobility of employees and the ease with which external devices can be brought in and out of a network, continuing to build your security plan for network servers and clients is a must. Fortunately, there is much that organizations can do to protect themselves from attacks - internal and external. One of the key facets of a successful security strategy is protecting the servers that run critical applications and house so much of your essential data. Having the right policies, procedures and server configurations is critical.
Fired up about IT?Join Sharkbait and share your true tales of IT. SharkBait is the place for you to sound off about everything IT the good, the bad, and the rest of the weird stuff you deal with every day.
Companies today are realizing that competitive advantage is harder to sustain when based solely on gains in productivity and cost efficiency. The focus is shifting to invest more in business optimization initiatives which rely on trusted information to develop new insights that deliver better business results. But how can this be done efficiently in a business environment across multiple applications and processes. The answer is an Information Agenda - an innovative approach to transforming business information into a strategic asset for competitive advantage.