Printer Friendly
The Free Library
19,573,962 articles and books
Member login
User name  
Password 
 
Join us Forgot password?

Companies Risk Loss of Critical Information Due to Inadequate Computer Security Response Plans.


Business/Technology Editors

BILLERICA, Mass.--(BUSINESS WIRE)--Oct. 25, 2001

-- Many policies outdated, insufficient to deal with natural disasters, sophisticated internal and external security threats

-- Integris, PRISM Security will address need for "Emergency Security Toolkit" at annual Computer Security Conference, October 29-31 in Washington, D.C.

Many companies risk the loss of critical information because they have not implemented adequate top-to-bottom policies to protect their IT systems from the threat of natural disasters or attacks from internal and external hackers.

Lack of senior management buy-in A management buyin (MBI) occurs when a manager or a management team from outside the company raises the necessary finance, buys it, and becomes the company's new management. A management buy-in team often competes with other purchasers in the search for a suitable business. , continued corporate restructuring, unqualified technical staffs, and budgetary constraints are among the obstacles to implementing a comprehensive incident response plan, barriers that could leave a company's information at risk.

"In many cases, companies pretend the problem will go away if they ignore it," said Bob George, senior security consultant for Integris, an IT services company whose solutions include mission critical e-outsourcing services. "Some companies assign untrained people to maintain security and they provide neither the training nor the time to make it possible to do the job. They fail to realize how much money their information and organizational reputations are worth."

Bob George and Kelly Hansen Kelly Hansen started his career as an independent studio singer. He later met guitarist Carlos Cavazos and bassist Rudy Sarzo of Quiet Riot fame to form Hurricane in 1985. Hurricane's record label went bankrupt in 1991 and the band disbanded shortly thereafter. , CEO (1) (Chief Executive Officer) The highest individual in command of an organization. Typically the president of the company, the CEO reports to the Chairman of the Board.  of PRISM Security, Inc., Integris' managed security services Security services are state institutions for the provision of intelligence, primarily of a strategic nature, but also including protective security intelligence. Examples include the Security Service (MI5) and the Secret Intelligence Service (MI6) in the United Kingdom, and the  partner, will present a seminar entitled "From Packet Floods to Data Tsunamis: An Emergency Security Toolkit", at the 28th Annual Computer Security Conference and Exhibition. The conference will be held October 29-31 in Washington, D.C. at the Marriott Wardman Park. George and Hansen will offer recommendations on how to develop and implement a thorough incident response plan so organizations are prepared when they face a security attack.

"Companies often focus on reactive, short-term fixes to security issues, so problems re-emerge rapidly," Kelly Hansen said. "They don't deal with the operational aspects of security, but rather, they make a few fixes and then don't follow through to see that the problems stay fixed."

Businesses need to be concerned about restoring operations after their infrastructures are affected by power failures, fires, flood, or hurricanes, or after deliberate sabotage of their IT systems by employees or external hackers. Statistically, fires and floods cause greater losses and downtime than viruses, but viruses, "worms", Trojan horses It may never be fully completed or, depending on its its nature, it may be that it can never be completed. However, new and revised entries in the list are always welcome.
  • AIDS
  • Beast Trojan
  • Bifrost
  • Generic8.
, and logic bombs can cause widespread damage, according to according to
prep.
1. As stated or indicated by; on the authority of: according to historians.

2. In keeping with: according to instructions.

3.  George and Hansen.

Indeed, security breaches are on the rise. The Computer Security Institute (CSI CSI Crime Scene Investigator
CSI CompuServe, Inc.
CSI Commodity Systems, Inc.
CSI Commodity Systems Inc. (Boca Raton, FL)
CSI Crime Scene Investigation (CBS TV show)
CSI Christian Schools International ) reported in its 2001 Computer Crime and Security Survey that 85 percent of the 538 companies it surveyed detected security breaches in the past year and 64 percent acknowledged financial losses due to computer breaches. The most serious financial losses occurred through the theft of proprietary information and financial fraud. The increased sophistication so·phis·ti·cate  
v. so·phis·ti·cat·ed, so·phis·ti·cat·ing, so·phis·ti·cates

v.tr.
1. To cause to become less natural, especially to make less naive and more worldly.

2.  of "sabotage" tools - such as encryption to send malicious information - and ready access to information available online make it easier for internal or external hackers and more difficult for companies to guard against.

A good incident response policy should begin with a document that clearly defines how an organization is going to restore system operation as quickly as possible with a minimum disruption in business, George and Hansen said. This document should identify possible threats, determine what information must be rescued, review all relationships between the company and external groups (outsourced infrastructure, suppliers, etc.), extensive training, and a determination of who has ownership of what responsibilities in the case of a security breach. A vigorous auditing of the policy, incidents, and infrastructure can help reduce the chances of problems.

George and Hansen will conduct their seminar on Tuesday, October 30, from 11:50 a.m. -12:30 p.m

NOTE TO EDITORS: Bob George, Kelly Hansen, and Mike Kayat, Integris Director of Sales and Marketing, are available for interviews at the Computer Security Institute conference. Integris booth will be located in Hall A, Booth #1708.

About Integris

Integris is a leading provider of business consulting, systems integration and professional services (job) professional services - A department of a supplier providing consultancy and programming manpower for the supplier's products. , and complex e-business systems management and hosting services. Integris is an Application Service Provider of Ariba Inc. Integris focuses on selected vertical markets, including Public Sector, Education, Telecommunications, and Financial Services The examples and perspective in this article or section may not represent a worldwide view of the subject.
Please [ improve this article] or discuss the issue on the talk page. . The Integris web address for its e-Outsourcing business is www.e-outsourcing.integris.com.

The e-Outsourcing business is part of Integris, a division of Bull HN Information Systems Inc., with headquarters in Billerica, Mass. Integris provides consulting, systems integration, systems operations, e-business/e-government management and managed services/ASP services to its public sector (state and local government) and commercial customers.

About PRISM Security, Inc.

PRISM Security is a subsidiary of Sun Tzu Sun Tzu (sn dz), fl. c.500–320. B.C.  Security, a Milwaukee-based information security consulting firm Noun 1. consulting firm - a firm of experts providing professional advice to an organization for a fee
consulting company

business firm, firm, house - the members of a business organization that owns or operates one or more establishments; "he worked for a . PRISM, an acronym acronym: see abbreviation.


A word typically made up of the first letters of two or more words; for example, BASIC stands for "Beginners All purpose Symbolic Instruction Code.  for Proactive Remote Information Security Monitoring, is a proprietary software/service bundle designed to meet the information security needs of Fortune 1000 companies. PRISM's web address is www.prismsecurity.net.

Sun Tzu Security was one of the first providers in the nation to offer turnkey information security solutions. Sun Tzu ensures the success of its customers by providing strategic consulting services to protect mission critical information. The company's services include information security, risk assessments, computer investigative services, and HIPAA (Health Insurance Portability & Accountability Act of 1996, Public Law 104-191) Also known as the "Kennedy-Kassebaum Act," this U.S. law protects employees' health insurance coverage when they change or lose their jobs (Title I) and provides standards for patient health,  security and privacy compliance.
COPYRIGHT 2001 Business Wire
No portion of this article can be reproduced without the express written permission from the copyright holder.
Copyright 2001, Gale Group. All rights reserved. Gale Group is a Thomson Corporation Company.

 Reader Opinion

Title:

Comment:



 

Article Details
Printer friendly Cite/link Email Feedback
Publication:Business Wire
Date:Oct 25, 2001
Words:834
Previous Article:Michigan & Trumbull, L.L.C. Unveils Plan to Reopen ``Ballpark At the Corner''.
Next Article:Intl Mercantile Corp's Wholly Owned Subsidiary Solutions Technology, Inc., Has Completed Testing of the SecureTime Biometric ID Payroll System with...



Related Articles
Working out the Risks.
Hackers and Other Hazards.
Many factors must be weighed with security decisions.
Cybercrime soars. (Up Front: news, trends & analysis).
Disaster recovery planning for information technology functions. (Feature Article).
In case of emergency: entrepreneurs should be prepared when disaster strikes. (Management Advice).
The business continuity continuum: keeping insurance systems running. (Special Advertising Section).
Network security: it's one area where you simply can't afford to take risks.
Risk assessments and future challenges.

Terms of use | Copyright © 2012 Farlex, Inc. | Feedback | For webmasters | Submit articles