“Information systems security. Computer and network security.
Internet security. It’s a complex world, and growing more so every
day. With these changes, some truths and approaches to security
remain the same, while others are new and radically different.
Developing a sound security strategy involves keeping one eye on
the reality of Internet-speed changes in threats and technology,
and the other on the reality of the corporate environment.
Purchasing security devices is easy. Knowing how and what to
protect and what controls to put in place is a bit more difficult.
It takes security management, including planning, policy
development and the design of procedures….”
“Between the vastness of this space and the services available,
there are countless potential avenues of attack. Attackers don’t
even have to be particularly smart, skilled or patient to develop
an attack. Through the ease of “user friendly” software, and with
the ubiquity of methods for simple file distribution, anyone with a
computer is a potential at- tacker. No special skills are required.
Launching attacks is within the reach of anyone with a
mouse….”
“Security is an investment, not an expense. The challenge is to
get this point across to upper management. Investing in computer
and network security measures that meet changing business
requirements and risks makes it possible to satisfy changing
business requirements without hurting the business’ viability.
Properly secured servers let corporate information be shared with
salespeople in the field and with business partners. Improperly
configured systems lead to data loss or worse.”