Ready all your IT defences

There seems to be universal recognition that war with Iraq is inevitable. But while politicians politick and troops mass, the...

There seems to be universal recognition that war with Iraq is inevitable. But while politicians politick and troops mass, the prospect of conflict raises issues of governance far closer to home.

Last week, Computer Weekly revealed exclusively that the head of the UK's Infrastructure Security Co-ordination Centre has advised organisations to review the security of their systems to ensure they are able to repel any attacks launched by cyberterrorists. They must also, reluctantly, countenance the prospect of having to invoke disaster recovery procedures in the event of disruption to their telecoms provisions.

Corporate governance has been pushed way up the IT agenda of late, owing to an increased legislative focus and to heightened, post-Enron awareness. Managing key risks has never been more important as Bank of America discovered when the Slammer virus took out 13,000 cash machines last month.

When confronted with global events likely to have a huge and terrible impact on human life, business publications win themselves no respect by focusing myopically on the ramifications upon the industry they serve. But equally, when a board director or some other person in a position of corporate responsibility shows blatant disregard for shareholder value in the face of a potential threat to business continuity, he or she can expect to receive no plaudits.

The IT function must exercise due diligence in defending the corporate systems it maintains. Moreover, governance in IT security must be an organic process, not a one-off project. Systems that are safe today could be breached tomorrow, so your security policy needs to be much, much more than a merely a sop to your auditors.
This was last published in February 2003

Read more on IT risk management

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.






  • How do I size a UPS unit?

    Your data center UPS sizing needs are dependent on a variety of factors. Develop configurations and determine the estimated UPS ...

  • How to enhance FTP server security

    If you still use FTP servers in your organization, use IP address whitelists, login restrictions and data encryption -- and just ...

  • 3 ways to approach cloud bursting

    With different cloud bursting techniques and tools from Amazon, Zerto, VMware and Oracle, admins can bolster cloud connections ...