Site Network: Beskerming.com | Skiifwrald.com | Jongsma & Jongsma

Innovation in Information Security

Coverage of important Information Security and Information Technology news and events from the research team at Sûnnet Beskerming.

Username: | Password: Contact us to request an account

Shrinking InfoSec Budgets or not, it can Still go Wrong

Information Security is a difficult thing to get right, especially when new attack methods and vulnerabilities are continually being discovered and exploited, and defensive practices and methodologies change and evolve over time. It is also difficult to justify an often costly process (though it doesn't always have to be) that has no readily apparent return. Mix in a healthy dose of snake oil and the result is something that daunts many people and traps the over-confident.

Melbourne's The Age newspaper recently reported that companies are beginning to cut back their Information Security expenditure, even in the face of continuing threats and growing levels of breaches and other attacks against systems. With a continuing financial crisis, it shouldn't be much of a surprise to see budgets shrinking, but the risk is that it opens up systems and data stores to easier risk of compromise. That compromise may not happen before budgets are improved, but it is still a risky step. With the various business failures and high profile breach reporting that has taken place in the last couple of years, the assessment may even be that a breach isn't necessarily a major problem.

It is telling, though, that the study that brought forward these figures was commissioned by an Information Security vendor, McAfee.

At the other end of the scale, a report via Gov InfoSecurity highlights the failure of a $433 million USD project undertaken by the Los Alamos National Laboratory to secure classified computer networks over several years.

The project achieved some results, but the systems and networks are still apparently plagued with significant weaknesses that do not adequately protect the data on the systems. For an institution where classified research is carried out, and one that is also partly responsible for research on nuclear weapons, this reporting can only be an embarrassment.

18 November 2009

Social bookmark this page at eKstreme.
Alternatively, Bookmark or Share via AddThis

Do you like how we cover Information Security news? How about checking out our company services, delivered the same way our news is.

Let our Free OS X Screen Saver deliver the latest security alerts and commentary to your desktop when you're not at your system.

Comments will soon be available for registered users.