Data protection regulation a good thing, says internet security expert

Data protection and other regulations are a good thing because without them organisations would do nothing, says US-based internet security expert Ira Winkler.

Data protection and other regulations are a good thing because without them organisations would do nothing, says US-based internet security expert Ira Winkler.

"The real problem [in IT security] is that organisations are not addressing basic, underlying vulnerabilties," he said at RSA Europe 2010 in London.

"Many businesses hate compliance, but like it or not, compliance is their friend," he said.

Winkler, who is president of the Internet Security Advisors Group (ISAG), said many organisations still regard security as optional.

"But the reason car makers include air bags and anti-locking breaks is because it is required by law," he said.

For many organisations, it will take increasing legislation before they will information security seriously, said Winkler.

"Some organisations will dismiss people for viewing pornography at work, but take little action against employees responsible for data breaches," he said.

According to Winkler, laws that seek to regulate processes can only be a good thing, such as a law that requires businesses to implement patches within a set time limit.

"Such a law, could for example, require critical patches should be implemented within a week of release," he said.

CW+

Features

Enjoy the benefits of CW+ membership, learn more and join.

Read more on IT legislation and regulation

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close