[ISN] Unscrupulous Security Firms Prey on Unsuspecting Users

From: mea culpa (jerichot_private)
Date: Thu Apr 23 1998 - 14:00:22 PDT

  • Next message: mea culpa: "[ISN] Re: Pentagon Cyber-Hackers Claim NASA Also Cracked"

    [Moderator: Here is yet another theme that keeps popping up that
     really needs to die. First IBM, now Gartner Group, claim that 
     they are stock full of "white hat" ethical hackers, while all these
     other companies are full of "grey" or "black" folks. Simple fact
     is, IBM hires a mix, and I would bet at least one or two of most
     major security companies have 'hackers' on staff, whether they 
     know it or not. Most 'hackers' I know can dress in shirt and tie
     and play corporate very well.]
    Forwarded From: Nicholas Charles Brawn <ncb05t_private>
    Jo Pettitt
    IT security companies are ripping off users, a senior security analyst from
    Gartner Group has claimed.
    Speaking at the Gartner Predicts conference in Paris this week, Helen Flynn
    said security firms were promising more than they can deliver,
    overcharging, and failing to meet users' needs.
    She said, "There are major shortcomings in most security products available
    today. Suppliers tend to focus on the soundness of their products and their
    functionality, all the bells and whistles.
    "However, when users come to implement these products, they find they don't
    match their requirements."
    Flynn added that, owing to the drain on finances from year 2000 and
    economic and monetary union work, companies did not have enough funds to
    put effective security solutions in place.
    "Worldwide, users are spending about 5%-8% of their IT budget on security.
    If they actually wanted to achieve the same level of security they had in
    the days of the mainframe, they would need to be spending 15%-25%."
    Flynn added that security firms were not helping the situation. She said,
    "There are too many individual products. It is too expensive for users to
    buy every one; they need more integrated solutions."
    All these factors, she said, were increasing users' vulnerability to what
    she called "grey hackers".
    "The high cost of products and lack of skills to develop better solutions
    mean users are at the mercy of certain individuals who are cashing in on
    the situation," she said.
    "These individuals are highly technically skilled, and are offering their
    services to firms looking for IT security services and checks. However,
    they are also hackers."
    Flynn predicted that the need for more integrated security products would
    eventually drive down the number of IT security providers from about 1,000
    firms today to fewer than 50 by 2003. 
    COMPUTER WEEKLY 23/04/98 P4 
    Subscribe: mail majordomot_private with "subscribe isn".
    Today's ISN Sponsor: Dimensional Communications (www.dim.com)

    This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 12:51:26 PDT