TechTarget

IT chiefs bask in security ignorance



Lindsay Clark

IT managers are over-confident that they have appropriate security in place to protect their company information,...



Lindsay Clark

IT managers are over-confident that they have appropriate security in place to protect their company information, according to security experts.

Although 60% of companies believe there is a threat of computer fraud, 85% believe they have the right control measures in place to prevent that fraud, research by consultancy Ernst & Young has found.

David Sherwin, head of the fraud investigation group at Ernst & Young, said password-based security is not sufficient to prevent computer fraud.

"This is na‹ve," Sherwin said. "A lot of the controls are not real. Passwords can be overwritten, and are often shared around offices."

More than 80% of fraud came from company employees, according to the Ernst & Young Fraud 2000 survey, which is based on responses from more than 700 business managers in Europe.

Sherwin said that thorough business risk management was necessary before implementing security technology. Too often technology solutions were picked off-the-shelf with considering the business needs.

Although moving into e-commerce requires new business models the assessment of risk should be the same as other business transformations, Sherwin said. "It is like moving your business into a country where different laws and cultures exist or moving into an entirely new market."

This was first published in May 2000

CW+

Features

Enjoy the benefits of CW+ membership, learn more and join.

Read more

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close