Stuart Corner
Wednesday, 02 November 2005 15:02
Compliance with regulations has taken the lead as the primary driver of information security, surpassing worms and viruses, according to a survey released by Ernst & Young.
Nearly two-thirds of survey respondents, representing 1,300 global companies, government and non-profit agencies in 55 nations, cited compliance with regulations such as Sarbanes-Oxley, the EU's 8th Directive or their equivalent as the primary driver of information security.
However, according to Ernst & Young, organisations are missing the rare investment opportunities that compliance offers to promote information security as an integral part of their business. Edwin Bennett, Ernst & Young's global director of technology and security risk services, said: "One might assume that with the attention information security is receiving due to regulatory compliance, organisations' information security postures are improving and information security as a function is becoming more integral to their strategic initiatives. Unfortunately, this is not happening on a consistent basis. The gap continues to widen between the growing risks brought on by rapid changes in the global business environment and what information security is doing to address those risks. This pattern is consistent across organisations, regardless of size or location."
Although awareness of information security as a critical issue has risen among boards and executive management, they continue to focus information security activities on operational and tactical issues at the expense of addressing strategic concerns, Ernst & Young claims.
The Ernst & Young survey also found that business demands and the declining cost of wireless connectivity are driving the rapid, widespread adoption of mobile technology. But with these devices leaving the safety of the corporate control environment, the information assets and intellectual property they carry are increasingly becoming the responsibility of individuals to protect. "Less than half of organisations make provision for general users of information to be trained or made aware of the impact of information security issues with these technologies, and fewer still receive training on responding to security incidents," Bennett said.