DUBAI, UAE, December 8 /PRNewswire/ -- More than ever, information is regarded by business and corporations as a highly valuable, tangible asset. Unfortunately, this value is also recognised by sophisticated groups able to mount attacks at any time and from anywhere, making organisations even more reliant on their information security team for effective defence.
Until recently, the threats to corporate information security came from individual hackers acting alone and largely for the peer prestige they earned but this threat has now evolved into the domain of more effective, well organised criminal groups who even fund their own research, with the aim of financial gain.
This was the stark message delivered to members of the British Business Group (Dubai Northern Emirates) IT Focus Group, at a recent meeting which attracted senior IT practitioners from across the BBG membership.
When it comes to data breaches, recent research (Source: Verizon Business, Data Breach Report 2008) presented at the meeting showed that 66 per cent of victims did not even know the data was stored on the system involved; 73 per cent of victims did not discover the breach themselves; and 87 per cent of breaches were considered 'avoidable' through reasonable controls.
The advantage clearly lies with the attackers who only have to find a single vulnerable spot, as security defenders try to identify and then plug every possible hole, said Dimitrios Petropoulos, Managing Director of Dubai-based Encode Middle East, who presented and discussed the issues with the group of IT professionals from the BBG.
The Information security industry is responding to try to safeguard access to data, he added, but it is a fast changing world and even compliance with current standards does not ensure protection or make you more secure. The past does not allow us to predict the future in information security and just because it hasn't happened yet does not mean it won't happen in the future.
The meeting discussed the potential for conflict between the needs of business and the need for security, and exchanged ideas on how information security should be managed, and by whom.
Information security is about risk management and is not an IT issue. This means that there is an increasingly compelling argument for the security department being independent from and based outside the IT organisation - it should be a business enabler, be treated as a profit centre and be invisible to the end user, said Petropoulos.
Alec Letzer, Head of IT Security, Lloyds TSB Middle East had another view: Our improvement in Dubai over the last 12 months has been dramatic. This has come about by evaluating and upgrading existing security processes and procedures with a soft but hands-on approach to reinforcing the need for security awareness and good practice at every level of the organisation, he said. We have worked with all teams to ensure that security is embedded as a personal responsibility for which everybody is accountable. In fact, this approach has led to Lloyds TSB Middle East becoming an information security model for other parts of Lloyds Banking Group.
The BBG IT Focus Group is a newly formed (July 2009) group of IT professionals from BBG member organisations and beyond, chaired by Duncan Adamson, Managing Director of Intergence Systems Middle East, who commented: This new IT Focus Group is successfully bringing together a mix of IT and non-IT professionals from across an interesting range of industries within the BBG membership, including legal, telecoms, software, recruitment and financial services.
Issued on behalf of Intergence Systems by WPR.
Notes to the Editor:
Intergence Systems is a leading independent IT Optimisation Consultancy, headquartered in Cambridge, UK, and with regional offices in the Middle East and the Americas. The company was established in 2003 in response to clients' growing requirements for high level impartial expertise in networks and IT.
British Business Group, Dubai and the Northern Emirates
The BBG was set up in 1987 to encourage the development of British business in the UAE and undertakes a wide range of activities from communicating with decision makers and testing British goods to sharing best business practice. The group holds around 80 networking events, forums and seminars each year, attracting high profile and influential business leaders and speakers from around the world.
SOURCE: Intergence Systems
CONTACT: For further information contact: Rebecca Sageman, Events and PROfficer, British Business Group, t: +971(0)4-3970303,rebecca@britbiz-uae.com; Intergence Systems ME, Duncan Adamson, Tel:+971(0)4-434-5880, Email: contactuae@intergence.com; WPR, Jonathan Walsh,M: +971(0)50-4588610, E: jon@wprme.com
Comments