Online Security: - Bosses are the weakest link

Sunday, July 6 2008

Legacy

Mission


	SERVICES
	FORENSICS INVESTIGATIONS SECURITY


	SECURITY TOOLKIT
	Forums US Computer Crime Statutes Malware Search Tool Glossary



5870 West Jefferson Blvd., Suite A Los Angeles, CA 90016 Tel: 310.815.8855 Fax: 310.815.8808 info@OnlineSecurity.com © 2008 Online Security All rights reserved.

Forum

Posted: 02/09/2004

Bosses are the weakest link

Original Source:

Bosses are the weakest link
Author: Iain Thomson

Security best practice? I'll phone a friend

Senior managers may recognise the risks of lax IT security, but they seldom practice what they preach.

A new report to be published today from the Economist Intelligence Unit has found that, while board members see security as one of the top issues facing their companies, their knowledge of best practices is lacking.

Four out of five admitted to opening an email attachment from someone they did not know, and one in five confessed to using their own name as the password to access their network.

"There's a serious problem here," said Gareth Lofthouse, senior editor at the Economist Intelligence Unit.

"If the top brass can't follow basic security procedure, what does that say about the company's commitment to best security practice?

"It's easy for a company to throw money at a problem, but the real challenge is instituting a broad corporate culture shift."

The survey found that security was the second most important factor affecting IT systems, with network availability topping the list.

But, despite increasing security spending, firms reported rising levels of attacks on corporate systems.

"You really have to get on top of your employee education," said Joe Dauncey, security consultant at comms vendor AT&T's Technical Centre of Excellence.

"From a value for money perspective it's more cost effective to sit down with your staff and say 'Don't do this' rather than spending vast amounts on security devices that are being subverted by bad practice.

"As a service provider when we're taking over a company's IT systems we have to do a thorough review of best practice and the network architecture."

The survey polled 237 companies to determine management's view of perceived and real security threats now and in the future.

Forum
	Corporate
	Fraud Prevention
	Intelligence
	Medical
	E-Commerce Law
	International
	Underground
	Legal
	Technical
	Security