Critical.
Authoritative.
Strategic.
Subscribe to CIO Magazine »

The Enemy Without

Page:

On the Rise

What we do know is increasingly disturbing. A study of computer use in Australia's top 350 organisations in 1999 by the Victorian Computer Crime Squad and Deloitte Touche Tohmatsu found one in three had recorded unauthorised computer use and in 20 per cent of cases data was altered or destroyed.

IDC recently warned security breaches in the form of corporate espionage, cyberactivism, and cyberterrorism will become more prevalent in the form of vandalised Web sites, denial of service at e-commerce and support sites, and breach of trust. The research firm cites IT managers as saying 56 per cent of all discovered security breaches were illegally performed by internal people. In Australia, an encounter with a security breach such as a virus attack or unauthorised access to corporate resources is the primary driver motivating IT managers to deploy security measures for their enterprise, the research company says.

Access control will re-emerge as a new market to address internal threats and rising concern about the vulnerability of corporate data, according to IDC. It also predicts that the intrusion detection and vulnerability assessment sub-segments will become extremely popular, due to increasing concern of both external and internal threats.

"Enterprise focus on these areas will shift to a more equal balance between internal and external threats. In addition to virus assaults, unauthorised activities such as access to company information, usage of company IS systems, and modification of terminal configurations are the next most familiar types of security infringements Australian enterprises have come across. As enterprises open their virtual networks to accommodate the exchange of information and resources via the Internet, intranets, and extranets, these enterprises concurrently fall vulnerable to having undesired parties tamper and misuse corporate data and resources.

"This problem is further exacerbated by the fact that violations such as these are sometimes carried out not just by outsiders but by internal staff as well," IDC says.

But there can still be no definitive answer to the question: "How much of a threat is industrial espionage?"

Page:

Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.

More about: AusCert, Australian Computer Emergency Response Team, Carnegie Mellon University, CERT, Computer Emergency Response Team, Computer Security Institute, Defence Department, Deloitte Touche Tohmatsu, Deloitte Touche Tohmatsu, Drake, eSec, FBI, Good Guys, IDC, Janteknology, Kroll, Mellon, Netsafe, PeopleSoft, PricewaterhouseCoopers, PriceWaterHouseCoopers, Wall Street

Comments

Post new comment

The content of this field is kept private and will not be shown publicly.
Users posting comments agree to the CIO comments policy.
Login or register to link comments to your user profile, or you may also post a comment without being logged in.
Related Whitepapers
Latest Stories
Community Comments
Latest Blog Posts
Whitepapers
  • Focus & Invest in Business & Customers
    In an ever-changing economy, organisations are challenged to develop and maintain technology investment strategies that maximise process improvements and cost savings without compromising future growth. These organisations will emerge leaner and more competitive through economic cycles. And they will more likely have a firm technology foundation capable of adapting over time. Read more.
    Learn more »
  • Stella Travel Services embarks on a strategic refresh of print operations
    Stella Travel Services embraces Managed Print Services (MPS) to deliver savings, centralise and consolidate print operations in order to gain control of print costs and streamline IT support. Read more.
    Learn more »
  • Simplifying branch office security
    Securing your business network is more important than ever. Malware, botnets and other malicious programs threaten your network—at your central offices and your branch offices alike. Yet enforcing consistent network security throughout your enterprise can be challenging—especially for those of you with branch offices with few users and no IT expertise. This paper introduces a new standard—an innovative, unified, cost-effective solution for managing branch office security, with centralised reporting and a clear process for determining return on investment (ROI).
    Learn more »
All whitepapers
rhs_login_lockGet exclusive access to Invitation only events CIO, reports & analysis.
Recent comments