Data protection regulation a good thing, says internet security expert


Data protection regulation a good thing, says internet security expert

Warwick Ashford

Data protection and other regulations are a good thing because without them organisations would do nothing, says US-based internet security expert Ira Winkler.

"The real problem [in IT security] is that organisations are not addressing basic, underlying vulnerabilties," he said at RSA Europe 2010 in London.

"Many businesses hate compliance, but like it or not, compliance is their friend," he said.

Winkler, who is president of the Internet Security Advisors Group (ISAG), said many organisations still regard security as optional.

"But the reason car makers include air bags and anti-locking breaks is because it is required by law," he said.

For many organisations, it will take increasing legislation before they will information security seriously, said Winkler.

"Some organisations will dismiss people for viewing pornography at work, but take little action against employees responsible for data breaches," he said.

According to Winkler, laws that seek to regulate processes can only be a good thing, such as a law that requires businesses to implement patches within a set time limit.

"Such a law, could for example, require critical patches should be implemented within a week of release," he said.

Email Alerts

Register now to receive IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

COMMENTS powered by Disqus  //  Commenting policy