E-CommerceALERT.com is part of the Bennett Gold LLP web site network.
LINK TO: Bennett Gold LLP, Chartered Professional Accountants, home page.
LINK TO: E-CommerceALERT.com Home Page.
CLICK to GO BACK to Main Page.

Research and retrieval of news articles by:
Bennett Gold LLP, Chartered Professional Accountants

Effective December 31 2012, articles are no longer being updated on this web site.
The site is now maintained as an historical archive, covering notable e-commerce news articles from the period 1999 to 2012.


Source: CNET News.com

Posted on November 18, 2001

      Just buying new software isn't the answer to solving security problems - training and education are vital.

      Multinational corporations are still far off from securing their networks and seem to be focusing on the wrong threats, according to a report expected from Big Five accounting firm KPMG this week.

      For the risk assessment report, KPMG interviewed 500 executives in August and discovered that although 85 percent felt they gave enough attention to protecting their information, nearly four out of 10 thought their company could suffer a serious breach of security.

      The majority believes that the fix is to buy the right technology, but that's plain wrong, Stuart Campbell, partner for KPMG's Risk and Advisory Services practice, said in a statement.

      "Until more executives regard information security as a strategic business issue, organizations will remain vulnerable," he said. "This issue doesn't begin and end with technology solutions and technology departments."

      Rather than buy new software and systems, companies should be looking toward education, training and policy initiatives. Almost 90 percent of the executives said they had an ongoing program of such training, but only 11 percent said that nonmanagement employees were informed about security policy.

      "Companies need to move aggressively in educating and informing employees," said Campbell. "A security environment aimed primarily at preventing outside intrusions is destined for failure."

      Making the problem worse, companies seem to be focusing on the wrong risks. The report found that a third of executives considered hackers attacking from the Internet to be the greatest threat, but the reality, it said, is that almost 80 percent of attacks originate from inside a company's network.

      Another study may complicate that finding, however.

      Last March, the 2001 Computer Crime and Security Survey found that although attacks by online vandals didn't account for major dollar losses, the Internet has become a major source of attacks for most organizations. Companies that found themselves the victim of attacks via the Internet increased to 70 percent in 2001, but the number of companies experiencing insider attacks fell to 31 percent.

      Still, some results of the KPMG study indicated that companies were improving information security.

      Nearly eight out of 10 multinational corporations had developed a catastrophic response plan, and almost six out of 10 had hired full-time security specialists.

CLICK to GO BACK to Main Page.

E-Commerce Alerts are issued by Bennett Gold LLP, Chartered Professional Accountants as situations develop. Bookmark this site and check back often. Our e-mail address is: info@BennettGold.ca

In accordance with United States Code, Title 17, Section 107 and Article 10 of The Berne Convention on Literary and Artistic Works, the news clippings on this web site are made available without profit for research and educational purposes.

Final Entries

LINK TO: Bennett Gold, Chartered Professional Accountants: A Licensed Provider of WebTrust Services.

WebTrust Is Your
Best Defense
Privacy Breaches.

Get WebTrust
Working For
Your Site.