Groundswell: Have we been let off lightly by virus attacks?

As we pick up the pieces after yet another virus blitz this August it is worth reflecting that so far, things have not been that...

As we pick up the pieces after yet another virus blitz this August it is worth reflecting that so far, things have not been that bad. Cyberattacks, for all their damage, have been tame compared with what they could be. They have had no destructive payload.

But those in the know say the tide may be turning. The recent Blaster virus is believed to have been on reconnaissance. The City, increasingly concerned about the resilience of its firms and institutions, is waking up to the risks of more sophisticated cyberattacks.

Too often, pain prompts action. It took the Melissa virus infection to change Microsoft's approach to security. Since then rafts of viruses should have alerted chief executive officers to the true risk and to their personal due diligence liability. It is paradoxical, then, that many IT directors still find it hard to get money for IT security.

There has been talk of security software suppliers sexing up the IT security threat. Discounted by the real experts, this is a red herring. IT security is not just a question of products, it is also about having clear security policies maintained and enforced across organisations.

These policies should be wide, embracing applications such as mobile computing, instant messaging, wireless, grid computing, peer-to-peer technology. It is up to boards to decide the level of business risk they are prepared to accept in each of these areas.

End-user education and awareness programmes, such as the Corporate IT Forum's "Think before you click" campaign then become at their most effective.

It is salutary to visit the website of Tim Berners-Lee, the inventor of the World Wide Web. He probably understands better than anyone about web-borne risk and he does not accept Microsoft Office documents or attachments sent from Microsoft Outlook.

But given our dependence on shaky infrastructures, how many firms could go that far today?
This was last published in September 2003

Read more on Antivirus, firewall and IDS products

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.