Friday | 10 July, 2009
CSO
IT security strengthens in public sector
Julian Bajkowski (Computerworld) 02/04/2004 08:08:59

Australian enterprises are at substantial risk of being sucker-punched by hackers because of their overly relaxed attitude to IT security the regional director of Check Point, Scott Ferguson, told the inaugural CIO Government Conference in Canberra this week.

Ferguson said that although most of the public sector areas were getting their act together in terms of IT security, the commercial sector was still focused on the cheap and easy convenience of mobility devices with little forethought for potential impacts on enterprise networks.

“You’re not going to like this… but Australians are early adopters who take the most cost-efficient devices and make them do things they were never supposed to do. In terms of security, we are now behind the eight ball,” Ferguson said, adding that a budding enterprise romance with mobility devices such as 3G phones and PDAs could turn ugly if not nailed down at both network and application layers.

Ferguson revealed that an Australian based funds management organization had recently been forced to shut down operations and send its entire workforce “home for the day” when its network was declared so infested it had to be unplugged; he declined to name the firm for legal reasons.

“With Blaster, 52 percent of attacks came from within the network. That’s [because] people take their laptops home, contractors plug into networks, and the like. Government needs to become involved [in promoting security best practice] and start to become the leader in secure architecture,” Ferguson said.

A federal government IT infrastructure manager said that while there was an awareness of the inherent risks that accompanied mobility-based devices, there were also significant benefits that could be harnessed if “substantial threats could be checked at the door”.

“It’s a matter of choosing wisely. You need to have devices with a bit of shelf life because by the time you get a secure solution, you still want that [technology] to be useable. In terms of assets, a Holden Commodore is still a Holden Commodore even though they give it a nose and bum job. "If they change the keyless entry, then that’s an issue for us to worry about,” the manager said.

More about Holden, Into networks

Comments

Post new comment

Login or register to link comments to your user profile, or you may also post a comment without being logged in.
The content of this field is kept private and will not be shown publicly.
Enter the fully qualified URL, eg. http://www.example.com/
  • Web page addresses and e-mail addresses turn into links automatically.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd>
  • Lines and paragraphs break automatically.

More information about formatting options

Add to Google
Additional Resources
Newsletter Subscription
Sign up for our CSO Online newsletters!
RSS Feeds
Syndicate content
 
Get a job Careerone
Whitepaper


Read Whitepaper

The business justification for data security

In the information security world we face two major types of threats: "noisy" threats which directly interfere with our ability to do business and "quiet" threats which cause real damage, but don't necessarily prevent people from doing their jobs. Read on to discover how to combat both types of threats and to justify the use of data security within your business.

Sponsored Links