[ISN] Security Still an 'Afterthought'

From: InfoSec News (isnat_private)
Date: Sun May 12 2002 - 23:29:46 PDT

Next message: InfoSec News: "Re: [ISN] Security myths costing firms"

Previous message: InfoSec News: "[ISN] Team tackles Windows security"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

http://www.eweek.com/article/0,3658,s=701&a=26622,00.asp

By Dennis Fisher
May 9, 2002 

LAS VEGAS -- Despite the current emphasis on security in the IT
industry, CIOs and IT managers are still not paying enough attention
to the problems facing their organizations, a panel of security
experts said Wednesday.

"Security is still very much an afterthought," said Robert Thomas, CEO
of Netscreen Technologies Inc., of Sunnyvale, Calif. "It's reactive
and not proactive."

Thomas' comments came during a keynote panel discussion at the
NetWorld+Interop show here that also included representatives from
Network Associates Inc., Enterasys Networks and Internet Security
Systems Inc.

The other panelists echoed Thomas' sentiments, saying that although
security currently is getting a lot of attention, the basic
infrastructure of the Internet and corporate networks is still
fundamentally vulnerable.

"The reality is, everything is vulnerable. I just don't believe that
we'll ever get ahead of the attacks," said John Roese, chief
technology officer of Enterasys, of Portsmouth, N.H. "There will
always be a threat, and you'll never be completely protected. I'm
disturbed that most enterprises don't have the mechanisms to react to
things like Code Red and Nimda."

That lack of readiness extends to the government and its vital
networks, said Christopher Klaus, co-founder and CTO of ISS, of
Atlanta.

"Any system that the government says isn't connected to the Internet,
that's false," said Klaus, whose company does quite a bit of work with
the government. "There's always some engineer who needs to get his
e-mail and he plugs the machine into the Internet."

And, although many enterprises revisited their security plans after
Sept. 11, that hasn't necessarily translated into a boon for security
vendors.

"The increase in spending on security products hasn't been that big,"  
said Sandra England, vice president of business development and
strategic research at Network Associates, of Santa Clara, Calif.



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomoat_private with 'unsubscribe isn'
in the BODY of the mail.

Next message: InfoSec News: "Re: [ISN] Security myths costing firms"
Previous message: InfoSec News: "[ISN] Team tackles Windows security"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Mon May 13 2002 - 03:55:01 PDT