Company directors wake to cyber threat

Beverley Head
Monday, 05 September 2011 14:48

Business IT - Security

The silver lining of events such as the high profile Sony hacking and Wikileaks affairs is that board directors are finally awake to the potential problems that can arise when their computer systems are hacked and privacy breached.

According to John McCormack, president of Websense; 'Even my own board now has a heightened awareness about how this may expose shareholders to loss. WikiLeaks has taught us that the disgruntled insider can cause embarrassment.

'LulzSec and Anonymous have taught us activist groups can embarrass organisations.' And Mr McCormack added that there is now a 'steady drumbeat' of reports in mainstream media such as the New York Times and Wall Street Journal about the rising tide of computer based attacks, which are increasingly financially motivated and calculated to wreak more than embarrassment on organisations.

This was leading to a heightened awareness of the issue which 'Means at a fundamental level that the lead security practitioner has the opportunity to get in front of the board with the CEO about the risks that a company faces,' he said during a visit to Australia.

While Mr McCormack acknowledged that it was not possible to guarantee a company absolute security, it was important organisations were alive to the rising tide of risks, and that the board understood the full implications of the threats. And the need to invest in new approaches.

'Given these attacks - at pretty secure networks - it's pretty safe to say that the architectures that were deployed aren't working any more. I'm not suggesting you rip it all out - but companies need to recalculate their assumptions about risk

'We are now in an IT world that is highly mobile, socially networked and cloud focussed. You have to change the network architecture to make it work - not just update your filtering.'