IT company chiefs challenge users on security

The heads of 200 of the largest technology firms are challenging end-users to meet minimum standards of security in their...

The heads of 200 of the largest technology firms are challenging end-users to meet minimum standards of security in their organisations.

The call is part of an initiative to support the US government's drive against computer crime.

The chief executives of technology firms - including, 3Com, Cisco, Hewlett-Packard, and RSA Security - aim to lay down a set of security standards by the summer that will act as baseline for the security of business systems.

The initiative, which has won backing from the White House, aims to give firms, ranging from multinationals to small businesses, a benchmark they can use to assess their own security.

Rick White, president and chief executive of TechNet, an umbrella group for technology industry chief executives, said the aim was to create a minimum security standard that would be relevant to every business.

"We are going to identify a basic level of computer security that most companies should be able to make. We are going to ask our own members to comply with it and then extend the challenge to other companies."

White said the new standard, which is being developed by audit firms KPMG, Ernst  & Young, Deloitte and Touche, and PriceWaterhouseCoopers, will be simple enough for small businesses to comply with.

It will be reviewed and updated every year in an attempt to raise the levels of security beyond a basic baseline, and to take account of changes in technology and the emergence of new threats.

"We hope to be able to shame US industry into meeting best practice and to encourage them to meet a basic level of IT security. If that is successful, it will benefit every one. It will mean that the government will not come forward with security sanctions," said White.

RSA, one of the technology firms backing the initiatives, said that all suppliers had a duty to make sure they complied with the new standard.

Read more on IT risk management

SearchCIO
SearchSecurity
SearchNetworking
SearchDataCenter
SearchDataManagement
Close