Companies demand IT security assurances

Exclusive research reveals how organisations are using strong security as a selling point

Written by Bryan Glick

Computing, 23 Feb 2005

More than half of UK organisations are now required by their customers or suppliers to provide formal assurances on IT security, according to exclusive Computing research.

And 49 per cent of the survey respondents say they actively promote the strengths of their IT security to build relationships with clients.

The research, conducted in association with IT supplier Unisys and covering 200 public and private sector organisations, also shows that 72 per cent of UK organisations now employ an individual with specific responsibility for security - 59 per cent of whom either sit on the company board or report directly to the senior executive team.

Security expert Neil Barrett, author of the book Traces of Guilt, says companies are working together much more closely, meaning they also have to tie their systems together more closely.

'If one company is vulnerable, then the other also gets scuppered,' said Barrett. 'Both sides need to be protected from one another.'

Barrett says that companies typically look for evidence of technical and organisational standards for IT security, such as the technology in use, the processes in place, and measures for reporting or escalating problems.

'But often the assurances are kept at the policy level, rather than looking at things such as penetration testing reports to check conformance to the standards,' he said.

Hackers are increasingly trying to exploit the commercial relationships between companies to extend their attacks.

'It is not a big step for them to run riot across links between organisations,' said Barrett. 'Viruses spread quickly through business trust networks, the same as they do between friends.'

But the increasing awareness of security problems in firms is not always leading to greater co-operation between business and IT functions.

The research suggests that in 63 per cent of companies, IT is the only department involved in planning security strategy.

What do you think? Email feedback@computing.co.uk

If you want to be first with the news, visit Computing every day.

Tags:

reader comments

related articles

Laptop security lacking

IT managers ignore mobile security

Blame the user instead 06 Apr 2005

 

Will you pass the access test?

Remediation techniques will stop insecure systems linking to networks, at a cost 24 Feb 2005

related whitepapers

today's top stories

Security

Technology and privacy

Watch part one of a two-part Computing roundtable debate on the importance of putting data privacy issues at the heart of your IT plans 01 Dec 2008

The Industry View

Got the Knowledge?

Last week the civil service published a new strategy to help government seize the opportunities and meet the challenges of managing knowledge... 01 Dec 2008

Communications

Q&A - ntl:Telewest Business managing director Stephen Beynon

The cable provider's chief talks about the future of next-generation broadband access in the UK 28 Nov 2008

Management

Computing podcast - Standard Life's offshoring plans; and the prospects for government IT

The insurance giant outlines its new outsourcing strategy; and we ask if the government's economic bailout will affect its IT plans 28 Nov 2008

Talking Outsourcing

India will remain open for business - but that's not the real story

One of the duties I have to fulfil as a director of the National Outsourcing Association is to talk to the media... 28 Nov 2008

> More news

Advertisement

Newsletter signup

Sign up for our range of FREE newsletters:

Existing User

Newsletter user login:

Advertisement

Jobs

Related jobs

Job of the week

> More IT vacancies

Job alerts

  • Latest jobs to your inbox
Sign up here

Find your next job

IT Salary Checker

  • Are you being paid what you are worth?
Check salary here

Advertisement

White papers

Search white papers

Top categories

VPN, Extranet and Intranet Solutions

WAN/ LAN Solutions

Network Security

Interoperability-Connectivity

Grid/ Utility Computing

Latest poll

Will the terrorist attacks in Mumbai affect your offshoring plans?

Will the terrorist attacks in Mumbai affect your offshoring plans?

Is India becoming a risky destination?

Previous poll results

> More polls

Latest audio and video articles

Padlocked CDVideo

Technology and privacy

Watch part one of a two-part Computing roundtable debate on the importance of putting data privacy issues at the heart of your IT plans 01 Dec 2008

Podcast imageAudio

Computing podcast - Standard Life's offshoring plans; and the prospects for government IT

The insurance giant outlines its new outsourcing strategy; and we ask if the government's economic bailout will affect its IT plans 28 Nov 2008

> More audio and video

Latest in-depth articles

ntl:Telewest's Stephen BeynonAnalysis

Q&A - ntl:Telewest Business managing director Stephen Beynon

The cable provider's chief talks about the future of next-generation broadband access in the UK 28 Nov 2008

cowboyFeatures

Guns for hire

David Neal explores the world of interim CIOs and discovers why more firms are turning to them to spur on IT-led change 27 Nov 2008

> More in depth articles

Advertisement

Primary Navigation