Printer Friendly

A megabyte of prevention. (Up front: news, trends & analysis).

Despite enormous growth in security software, hackers continue to break into business networks wreaking havoc.

Intrusion prevention is absolutely critical for every company, but especially for those with access to sensitive information. Experts say such organizations are particularly vulnerable to professional hackers, who can cost companies millions in lost revenue and productivity with each cyber attack. A 2001 Computer Security Institute (CSI)/FBI study reported that the average company loss due to vandalism and denial-of-service attacks is $2 million.

At the recent Internet Security Alliance Conference (ISAlliance) in South Carolina, experts urged companies to take a more holistic approach to cyber security with a clearly defined and implemented Internet security policy.

According to Robert D. Wice, AIG eBusiness Risk Solutions manager of underwriting, specific strategies--or risk management building blocks--can help companies avoid cyber-security breakdowns. For example:

* Personnel must be educated about Internet security and familiar with the company's security policies.

* A crisis management team should be in place and active.

* Ensuring that the company's technology is up to date can prevent security problems.

* By strengthening foundations within the company, security breaches can be avoided.

* Enforcing a total risk management program greatly reduces the challenge of a security problem within the company.

* By implementing a loss-prevention service, the company can analyze, mitigate, and prevent legal liability and damage from a cyber attack.

Wice said uninsured companies are extremely vulnerable to cyber-security breaches as the number of risks increase and become more severe. First-party losses include corruption or loss of data, business interruption, repair costs, extortion costs, damage to reputation, and loss of market capitalization. Additional risks include Web content liability such as libel, slander, and trademark infringement; professional errors and omissions liability; and network security and liability loss.

But it's not good to use traditional insurance to cover cyber security. Because courts have ruled that data is not tangible property, companies that have invested in traditional insurance may be left financially devastated. However, cyber-security risk insurance enables a company to take the financial loss off its balance sheet and move it to that of a third party. Wice predicts that Internet risk insurance will grow to $2.5 billion by 2005.
COPYRIGHT 2002 Association of Records Managers & Administrators (ARMA)
No portion of this article can be reproduced without the express written permission from the copyright holder.
Copyright 2002, Gale Group. All rights reserved. Gale Group is a Thomson Corporation Company.

Article Details
Printer friendly Cite/link Email Feedback
Title Annotation:Industry Trend or Event; Industry Legal Issue; against computer crimes
Publication:Information Management Journal
Article Type:Brief Article
Geographic Code:1USA
Date:Jul 1, 2002
Previous Article:Cyber security: key to homeland security. (Up front: news, trends & analysis).
Next Article:Virtual vulnerabilities. (Up front: news, trends & analysis).

Related Articles
Crime prevention and the electronic frontier.
Clean look, short articles give weekly association newsletter the edge.
Looking Ahead.
Making Computer Crime Count.
Addressing the need for a uniform definition of gang-involved crime. (Perspective).
Bulletin Reports: Juvenile Justice.
Data mining and value-added analysis.
Focus on community policing: fostering community partnerships that prevent crime and promote quality of life.
"European Journal of Criminology' and 'Criminal Justice Abstracts Online' from Sage Publications.

Terms of use | Privacy policy | Copyright © 2019 Farlex, Inc. | Feedback | For webmasters