• Great articles on other sites
  • RSS Great articles on other sites

  • Enterprise IT, News - Written by on Wednesday, February 29, 2012 11:44 - 0 Comments

    Hacks focus CIOs on IT security

    news After the spate of high-profile hacking incidents in 2011, Australian CIOs and IT and security managers are taking no chances this year. According to new research by local analyst firm Telsyte, Australian enterprises will increase their security spending and change their information security strategies in 2012.

    Telsyte said that it surveyed more than 320 senior IT executives on their information security priorities, spending intentions, and products and services usage as part of the Telsyte Australian CIO information security priorities study 2012, which the company claims is one of the largest local market research studies of its type.

    The study indicated that nearly a quarter of Australian enterprises plan to change their security strategies as a result of the events of 2011. It said that an increased awareness of security among the board and senior management members represented the most significant strategic shift. There is also going to be more focus now on operating system security, backups and disaster recovery.

    According to Telsyte senior analyst Rodney Gedda, for many Australian CIOs and security engineers, the untoward events of 2011 have turned into a blessing. “Security is often viewed by senior management as an unwanted operating expense, but when the company’s reputation and revenue is exposed, as demonstrated so flagrantly last year, security becomes more strategic,” said Gedda.

    Going by Telsyte’s research, security spending is also on the up with 29 per cent of organisations planning to increase their budget in 2012.

    “With security spending on the up this year, CIOs are looking to engage with numerous providers to defend their organisations against increasingly multi-faceted threats,” said Gedda. The top security priorities for CIOs is stopping malware and preventing external attacks, but there is an increasing amount of concern around the threat that mobile devices like smartphones and media tablets pose, as well as cloud computing. The study pointed out that approximately 20 per cent of CIOs rate mobile and cloud security as a critical priority and around one-third rate them as very important.

    “While mobile and cloud security are still relatively low on the security priority list for CIOs, these will become an increasing priority, particularly if there are high-profile incidents relating to these two trends,” said Gedda. He added, “A significant percentage of organisations have experienced at least one information security breach over the past 12 months, indicating threats are very real and require constant defence. Mobile security incidents outnumber cloud data breaches, but with the events of 2011 looking to continue this year CIOs need to be prepared for a high-profile security incident outside their organisation’s borders.”

    It’s all very nice to say that CIOs are increasing spending on security, but what does this really mean? IT security vendors have known for a very long time that the desktop PC security market — where most of the threats come into organisations — has been commoditised. Virtually every large organisation has a comprehensive anti-virus/anti-malware ‘kitchen sink’-style suite installed on their employees’ desktop PCs and has had for years.

    The same is often true of server environments. Firewalls, server-side email anti-spam/anti-malware suites, server protection tools, off-site backup and disaster recovery … much of this has been in place for years. And physical building security is pretty well understood.

    One area which I would think organisations would need to look more closely at would be more discrete data protection. That is, not just throwing a security blanket over an organisation’s entire data set, but looking at what sets of data are critical to the organisation and need to be protected with higher levels. Any data used by the top levels of executive management, for starters: You don’t want the CEO’s email or the CFO’s spreadsheets being stolen. Customer database, secret product development initiatives; this kind of stuff.

    Anything that’s going to provide the organisation with a sustainable market advantage, or threaten ongoing operations, probably needs a higher level of protection than run of the mill information.

    I would also bet that some organisations are starting to invest, finally, in data encryption. For the longest time, corporate data has been firewalled off and scanned for malware; but it hasn’t been encrypted. But mass corporate encryption, with the tools to do so centrally administered, could do a lot for data leakage. Even if you can steal the data, it won’t mean much if it’s scrambled.

    Opinion/analysis by Renai LeMay

    submit to reddit

    Leave a Comment


  • Get our 'Best of the Week' newsletter on Fridays

    Just the most important stories, one email a week.

    Email address:

    Follow us on social media

    Use your RSS reader to subscribe to our articles feed or to our comments feed.

  • Most Popular Content

  • Enterprise IT stories

    • Super funds close to dumping $250m IT revamp facepalm2

      If you have even a skin deep awareness of the structure of Australia’s superannuation industry, you’ll be aware that much of the underlying infrastructure used by many of the nation’s major funds is provided by a centralised group, Superpartners. One of the group’s main projects in recent years has been to dramatically update and modernise its IT platform — its version of a core banking platform overhaul. Unfortunately, the $250 million project has not precisely been going well.

    • Qld’s Grant joins analyst firm IBRS peter-grant

      This week it emerged that Peter Grant, the two-time former Queensland Whole of Government CIO (pictured), has joined well-regarded analyst firm Intelligent Business Research Services (IBRS). We’ve long had a high regard for IBRS, and so it’s fantastic to see such an experienced executive join its ranks.

    • Westpac dumps desk phones for Samsung Android mobiles samsung-galaxy-ace-3

      The era of troublesome desk phones tied to physical locations is gradually coming to an end in many workplaces, with mobile phones becoming increasingly popular as organisations’ main method of voice telecommunications. But some groups are more advanced than others when it comes to adoption of the trend. One of those is Westpac.

    • Ministers’ cloud approval lasted just a year reverse

      Remember how twelve months ago, the Federal Government released a new cloud computing security and privacy directive which required departments and agencies to explicitly acquire the approval of the Attorney-General and the relevant portfolio minister before government data containing private information could be stored in offshore facilities? Remember how the policy was strongly criticised by Microsoft, Government CIOs and Delimiter? Well, it looks like the policy is about to be reversed.

    • WA Govt can’t fund school IT upgrades oops key

      In news from The Department of Disturbing Facts, iTNews revealed late last week that Western Australia’s Department of Education has run out of money halfway through the deployment of new fundamental IT infrastructure to the state’s schools.

    • Turnbull outlines Govt ICT vision turnbull-5

      Communications Minister Malcolm Turnbull has published an extensive article arguing that the Federal Government needed to do a better job of connecting with Australians via digital channels and that public sector IT projects needn’t cost the huge amounts that some have in the past.

    • NZ Govt pushes hard into cloud zealand

      New Zealand’s national Government announced a whole of government contract this morning for what it terms ‘Office Productivity as a Service’ services. This includes email and calendaring services, as well as file-sharing, mobility, instant messaging and collaboration services. The contract complements two existing contracts — Desktop as a Service and Enterprise Content Management as a Service.

    • CommBank reveals Harte’s replacement whiteing

      The Commonwealth Bank of Australia has promoted an internal executive who joined the bank in September after a lengthy career at petroleum giant VP and IT services group Accenture to replace its outgoing chief information officer Michael Harte, who announced in early May that he would leave the bank.

    • Jeff Smith quits Suncorp for IBM jeffsmith4

      Second-tier Australian bank and financial services group Suncorp today announced that its long-serving top technology executive Jeff Smith would leave to take up a senior role with IBM in the United States, in an announcement which marks the end of an era for the nation’s banking IT sector.

    • Small business missing the mobile, social, cloud revolution iphone-stock

      Most companies that live and breathe the online revolution are not tech startups, but smart smaller firms that use online tools to run their core business better: to cut costs, reach customers and suppliers, innovate and get more control. Many others, however, are falling behind, according to a new Grattan Institute discussion paper.

  • Blog, Enterprise IT - Jul 5, 2014 13:53 - 0 Comments

    Super funds close to dumping $250m IT revamp

    More In Enterprise IT

    Blog, Telecommunications - Jul 5, 2014 12:12 - 0 Comments

    What should the ACCC’s role be in guiding infrastructure spending?

    More In Telecommunications

    Analysis, Industry, Internet - Jun 23, 2014 10:33 - 0 Comments

    ‘Google Schmoogle’ – how Yellow Pages got it so wrong

    More In Industry

    Blog, Digital Rights - Jun 30, 2014 22:24 - 0 Comments

    Will Netflix launch in Australia, or not?

    More In Digital Rights