Business Services Industry
Technology Managers Downplay Internet Access Security Risk
Business Wire, June 19, 1995
SAN MATEO, Calif. and CARLISLE, Penn.--(BUSINESS WIRE)-- June 19, 1995--At a time when record numbers of corporations are giving employees access to the Internet, relatively few managers of information services are implementing adequate safeguards to protect corporate information assets. These are the findings of a survey by Open Computing, a publication of The McGraw-Hill Companies, and the National Computer Security Association (NCSA).
The study, which is summarized in the July issue of Open Computing, reveals that companies which allow Internet access to and from their enterprise computer systems are eight times as likely to be illegally broken into -- "hacked" -- than companies which don't allow Internet access.
Overall, 14 percent of survey respondents reported being hacked; 11 percent "didn't know" if they had been hacked, and 75 percent said they had not been hacked. According to these results, most IS managers feel their networks are safe from illegal entry. However, when queried further regarding specific network security measures, nearly a quarter of information managers who acknowledge their sites have been hacked don't use a firewall -- a critical network security precaution -- and another 22 percent don't know if they do.
Although 75 percent of respondents indicate they haven't been hacked, David Flack, Editor in Chief of Open Computing, points out, "part of the problem is that companies often don't have any way of knowing they've been hacked. But also, we know there is widespread under-reporting of security breaches. This should be an issue of concern for corporate stakeholders who probably want to know how well a company is protecting its information assets."
Open Computing and NCSA surveyed 390 information managers with security responsibilities at large corporations in an attempt to understand the prevalence of corporate network security breaches, and such issues as where information security experts see vulnerabilities, and what precautions are being taken to prevent insecure networks. The survey data was published in the July issue in a series of articles on the management of security risks.
"Organizations are required to demonstrate due diligence in protecting information assets," said Peter Tippett, President of NCSA. "Programs like NCSA's IS/Recon (InfoSecurity Reconnaissance) provide security groups with data regarding immediate threats from the underground and permit a proactive response," Tippett continued. "Firewalls should be employed and properly configured in this age of world-wide connectivity."
Highlights of the survey results are available now at Open Computing's Home Page on the World Wide Web at http://www.wcmh.com/oc. A hard copy of these highlights will be available at the McGraw-Hill booth # 4146 at PC Expo in New York, June 20-22. In addition, interested parties can contact Open Computing at 415-513-6800 for a complete hard copy of the report.
Open Computing and NCSA representatives will discuss the research and the issue of information security in upcoming online events, including a CompuServe event on July 19th at 2:00 p.m., EST on NCSA's InfoSecurity Forum (GO NCSAFORUM); and a Microsoft Network event scheduled for June 29th, at 7:00 EST.
Open Computing is a monthly McGraw-Hill Companies publication read by 125,000 information services (IS) and information technology (IT) business decision-makers who are responsible for the strategic deployment of information solutions throughout their enterprises. Open Computing OnLine is the electronic information source for integrating business and technology across the enterprise and can be accessed via the Internet at http://www.wcmh.com/oc. UnixWorld OnLine is an electronic source of technical information for users of UNIX operating systems and other open-system platforms and can be accessed via the Internet at http://www.wcmh.com/uworld.>The National Computer Security Association (NCSA) is the premier provider of security, reliability, and ethics information and services. NCSA provides information security-related training, testing, research, product certification, underground reconnaissance, help-desk and consulting services. In addition to supporting over 30,000 individual and online members, NCSA hosts industry consortia like the Anti-Virus Product Developers and the Internet Firewall Product Developers consortium. NCSA's IS/Recon (InfoSecurity Reconnaissance) program provides organizations with a suite of comprehensive tailored online information services including sophisticated threat analysis and underground research and reporting.
CONTACT: Slider & Associates
Susan Lider, 415/321-2084
or
NCSA
Tom Kelchner, 717/258-1816
- 5 Rules for Immediate Annuities
- Death in the Family: 12 Things to Do Now
- Dumbest Things You Do With Your Money
- 6 Online Networking Mistakes to Avoid
- 401(k) Mistakes to Avoid
- 5 Economic Scenarios to Keep You Up at Night
- The Real ‘Best Places to Retire’
- Best Credit Cards for You
- 12 Tough Questions to Ask Your Parents
- The Real ‘Best Colleges’
- Home Buyer Tax Credit: How to Cash In
- Why You Shouldn't Bash Cash
- 8 Phony 'Bargains' and Better Alternatives
- Danger: 3 Debit Card Scams to Avoid
- 6 Myths About Gas Mileage
- 29 Fees We Hate Most
- Quick and Easy Ways to Boost Returns
- Best Stocks to Buy Now
- Lower Your Taxes: 10 Moves to Make Now
- New Jobs: 8 Lessons from Real-Life Career Switchers
- The New Job Market: Who Wins and Who Loses?
- Health Care Reform's Public Option: Everything You Need to Know
- Volunteer Work When Unemployed: Should You Work for Free?
- Whose Recovery Is This?
- Long-Term-Care Insurance: 4 Biggest Risks to Avoid
Content provided in partnership with
Most Recent Business Articles
- Multiple criteria evaluation and optimization of transportation systems
- Multi-criteria analysis procedure for sustainable mobility evaluation in urban areas
- A two-leveled multi-objective symbiotic evolutionary algorithm for the hub and spoke location problem
- Multi-criteria analysis for evaluating the impacts of intelligent speed adaptation
- The development of Taiwan arterial traffic-adaptive signal control system and its field test: a Taiwan experience
Most Recent Business Publications
Most Popular Business Articles
- 7 tips for effective listening: productive listening does not occur naturally. It requires hard work and practice - Back To Basics - effective listening is a crucial skill for internal auditors
- FAS 109: a primer for non-accountants - Financial Accounting Standards Board's "Statement 109: Accounting for Income Taxes"
- LIFO vs. FIFO: a return to the basics
- Design a commission plan that drives sales - Sales Commissions
- Using object-oriented analysis and design over traditional structured analysis and design
Presented by American Express