E-CommerceALERT.com is part of the Bennett Gold LLP web site network.
LINK TO: Bennett Gold LLP, Chartered Professional Accountants, home page.
LINK TO: E-CommerceALERT.com Home Page.
CLICK to GO BACK to Main Page.

Research and retrieval of news articles by:
Bennett Gold LLP, Chartered Professional Accountants

Effective December 31 2012, articles are no longer being updated on this web site.
The site is now maintained as an historical archive, covering notable e-commerce news articles from the period 1999 to 2012.


Too many companies adopt reactive, rather than pro-active stance

Source: Computing Canada

Posted on May 2, 2000

      A growing number of Canadian companies are seeing attempts to break into their network systems, according to a recent industry survey.

      Twenty per cent of large companies and 15 per cent of medium-sized companies said they have had as many as four attempts to break into their systems in the past 12 months, according to Dan McLean, research manager for networks at IDC Canada.

      However, most companies believe viruses, not hacking, is the biggest threat to their networks.

      The figures were part of a preliminary analysis of a recent survey of 200 large and medium companies across the country.

      "For most the sense was the volume of IT threats within their organizations was pretty much remaining the same," said McLean, "but certainly there's a significant number of companies that see an increase in the number of threats they're experiencing."

      The survey of IT managers could show more evidence that Canadian businesses aren't paying enough attention to network security, he said, because of some conflicting results.

      For example, over 70 per cent hadn't seen evidence of hacking, and about three-quarters believe most of the security problems they see are accidental and not malicious.

      Only slightly more than half said security is "very important' to their company, while another 40 per cent said it is "somewhat important."

      Because he hasn't had a chance to analyse all of the study's results, McLean doesn't know if the companies surveyed aren't hearing about problems such as denial of service attacks, hacking or employee disclosure of data, or if they really aren't happening.

      More analysis may back up IDC Canada's belief that most Canadian companies aren't doing enough about network security, he said.

      "Most companies we've spoken to are in a reactive mode when it comes to network management," said McLean. "Not many companies look at it in a pro-active way - that they're able to identify problems or faults before they cause failure." It's a trend he called "somewhat disturbing."

      One of the difficulties is that the network management tools are still difficult to deploy and require a fair amount of expertise to run, he said.

      McLean's comments came at a briefing for reporters during a conference organized by Tivoli Systems Canada, a unit of IBM Corp., which was promoting its SecureWay line of network security applications.

      Fred Cotton, who heads a Sacramento, Calif. computer security firm also spoke at the conference and said in an interview that until companies stop seeing security as a cost centre it will never be important to executives.

      "IT managers I talk to say one of their biggest complaints is that management gives lip service to (network) security in many cases. They don't have the support to get it done."

      Cotton, who trains law enforcement officers in California, said abuse of corporate data by insiders is the most common security threat. "If you don't have systems with an audit trail the risk to a company is huge," he said.

      Recent denial of service attacks (DoS), in which a hacker harnesses other people's computers on the Internet to assault a target is a prime example of how bad network security is, he said.

      While DoS attacks are hard to defend against, he said, it was poor security that allowed servers to be hijacked.

      Tivoli said it will release SecureWay Risk Manager next month, an application that brings together information from many network sources such as intrusion detectors and scanning tools to give administrators the ability to centrally manage threats. Pricing wasn't disclosed.

      Recently Tivoli announced SecureWay Privacy Manager, which lets companies limit access to personal customer information held in databases and data warehouses. It will be available in the third quarter. Pricing will be announced at that time.

CLICK to GO BACK to Main Page.

E-Commerce Alerts are issued by Bennett Gold LLP, Chartered Professional Accountants as situations develop. Bookmark this site and check back often. Our e-mail address is: info@BennettGold.ca

In accordance with United States Code, Title 17, Section 107 and Article 10 of The Berne Convention on Literary and Artistic Works, the news clippings on this web site are made available without profit for research and educational purposes.

Final Entries

LINK TO: Bennett Gold, Chartered Professional Accountants: A Licensed Provider of WebTrust Services.

WebTrust Is Your
Best Defense
Privacy Breaches.

Get WebTrust
Working For
Your Site.