|
When a top security guru who has worked with the President of United States
is invited to talk at an event, you expect to hear spook stories of men in
dapper suits chasing other men in even more dapper suits. But that was not what
Howard A Schmidt had to say at the Information Security (Infosec) 2008
Conference held in Mumbai. In fact he paid a lot of emphasis on the importance
of information security in each and every aspect of any business environment.
Why is security so important?
Most of the speakers at Infosec'08 talked about how IT security is not new
for any business, but how proper deployment of security plays a very crucial
role in the success of any organization. Pointing to the importance of security,
Schmidt said, 30 percent of most companies have no clue about security, while
50 percent know about the existing security threats. Recognizing where the
problem lies and finding the required solution can avoid major disasters of
entire systems on the network crashing.
Raghu Raman, CEO, Mahindra Special Service Group talked about how most
companies fobbed off IT related responsibilities entirely on the CIO or CTO.
During his presentation Presenjit Shah, VP and Global Head-Enterprise Security
Solution, Wipro pointed out that most small and medium businesses (SMB) think
they are small companies and therefore might not come under any risk. It is
imperative that they understand the risk profile in a network or else their
business would change drastically. This is precisely where risk management is
needed.
Throw away the RoI calculator
In his presentation Akhilesh Tuteja, Head-IT Advisory Practice, KPMG touched
upon the need for SMBs to go beyond RoI calculation when it came to budgeting
for security. SMBs have a stereotypic mindset when it comes to making investment
for security solutions expect that every investment should get adequate and
immediate returns. What they need to bear in mind is that there are some
exceptional cases, where an investment may not result in immediate returns, but
will definitely show results over time.
 |
| Howard A Schmidt
|
Tuteja also said there is 12 percent increase in the deployment of anti virus
solutions while the out breaks are 29 percent. Plus, while there was a 6 percent
increase in the usage of firewall while there was a 10 percent increase in
intrusions into the network.
Here is a gap between the solutions deployed and the rate of offense
occurrence. To trim down the frequency of disasters, it is important to reduce
the gap between deployments of solutions and the frequency of information
breach, Tuteja advised.
Info-security: a basic hygiene
A Dhananjay, Chief Compliance and Risk Officer, Aditya Birla Financial
Service put security of information in a different light. According to him
information security can't be treated as an investment sector. It is a basic
hygiene factor. He expressed his own different opinion about info-security. He
said, One key success factor to avoid information breach is controlling people.
How tightly an organization maintains its manpower is going to play equal role
in avoiding crimes.
First aid
Most speakers at Infosec 2008 concurred deployment of an IT head is a better
idea for risk management. Having an IT head who is available to the company at
all times, will ensure that the system is up and running continuously. Infosec
2008 put light to the darker sides of info-security management. The
presentations delivered by experts in different verticals of security were
eye-opening as it shed light on the need of deployment of security solution at
all levels of an organization.
The event showcased how solution providers should shoulder the responsibility
of educating their clients about info-security. At the same time, SMB
participants got a first hand account on the importance of having the right
security solution mix within their network.
ARCHANA SWAMY
archanas@cybermedia.co.in Page(s) 1
| 
