Data protection regulation a good thing, says internet security expert


Data protection regulation a good thing, says internet security expert

Warwick Ashford

Data protection and other regulations are a good thing because without them organisations would do nothing, says US-based internet security expert Ira Winkler.

"The real problem [in IT security] is that organisations are not addressing basic, underlying vulnerabilties," he said at RSA Europe 2010 in London.

"Many businesses hate compliance, but like it or not, compliance is their friend," he said.

Winkler, who is president of the Internet Security Advisors Group (ISAG), said many organisations still regard security as optional.

"But the reason car makers include air bags and anti-locking breaks is because it is required by law," he said.

For many organisations, it will take increasing legislation before they will information security seriously, said Winkler.

"Some organisations will dismiss people for viewing pornography at work, but take little action against employees responsible for data breaches," he said.

According to Winkler, laws that seek to regulate processes can only be a good thing, such as a law that requires businesses to implement patches within a set time limit.

"Such a law, could for example, require critical patches should be implemented within a week of release," he said.

Email Alerts

Register now to receive IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

COMMENTS powered by Disqus  //  Commenting policy