AUSTRALIA IT SECURITY ARTICLE OF NOTE CIO | The IT Security Buck Stops HereThe IT Security Buck Stops Here
Sue Bushell, CIO

10/05/2004 11:58:31

Need to convince corporate leaders with objective measures of security's value? Start here.

US President Harry S Truman said in his farewell address in 1953: “The President has to decide. He can’t pass the buck to anyone.” Now that’s an adage all executives might consider carving into their desks (if not their very souls) as the torrent of cyber attacks continues to highlight corporate vulnerability to IT security threats.

The days when executives could profess ignorance and happily pass all responsibility for security to their IT professionals are long gone. No executive can fail to be aware of the mounting toll data theft, virus and worm attacks and other security intrusions are taking on corporations struggling to keep up with the army of cyber villains intent on exploiting their technical knowledge to inflict maximum damage whenever and wherever they can.

In 2003 alone, the Australian Computer Crime and Security (AusCERT) Survey shows, 42 percent of corporations fell victim to one or more computer attacks that harmed the confidentiality, integrity or availability of network data and systems. Financial fraud, laptop theft and virus, worm and Trojan infections caused real losses, yet a dismal 11 percent of respondents felt they were managing all computer security issues reasonably well. This should worry those at the top, since all executives could find themselves potentially liable in the event of a catastrophic security breach.

Experts warn that increasingly, executives must consider themselves chief information security officers, and recognize that as with any other cause of business disruption, if IT security adversely interrupts business it is, ultimately at least, their responsibility.

Following are some of the things all executives must know, and some questions they all must ask.


You Are Where the Buck Stops

CONTINUED at weblink.......