What was once a great science- fiction movie plot has become an alarming wake-up call for network administrators everywhere. Stories such as "Hacker breaks into government network" and "IRS fraud linked to security holes" are headlining national news almost weekly.
So why the growing frenzy concerning computer and network security? Because the problem can no longer be ignored: numerous studies during the past few years have shown increasing financial losses for companies based on security weaknesses. In a recent Computer Security Institute (CSI) study, 520 respondents admitted to corporate losses totalling $US136 million - with 64 per cent of them admitting to a computer security breach in the past year. That's a 16 per cent increase over the previous year.
The glaring headlines you've seen only scratch the surface of this emerging security landscape. Security has become an increasingly important concern for all companies as they boost network connectivity internally and across the Internet, along with implementing Internet commerce solutions. To meet the demand this increased connectivity has generated, companies are boosting security staffs by 15 per cent and security budgets by 20 per cent, according to the CSI study.
Security companies and mainstream vendors alike are merging and acquiring at a breakneck pace to meet this trend. Network Associates' acquisition of Trusted Information Systems, Cisco's acquisition of WheelGroup, and the Axent/Raptor merger demonstrate how companies are moving to provide a complete security solution for your enterprise. And new security companies are sprouting like weeds.
None of us in the security field are surprised. Few companies implement even the simplest security precautions, and even fewer monitor their networks and systems for malicious activity.
As security moves to the forefront of the networking landscape, Security Watch will give you the inside scoop on industry trends, product innovations, and security holes as seen from our perspective as analysts in the Infoworld Test Centre.
We intend to track down and test new and old security vulnerabilities in order to tell you how "crackers" find holes and use them to violate networks. We'll also put these attacks into context and suggest ways to plug these holes through a timely Hack Report. Using the recently developed Infoworld Security Suite (IWSS), we can confirm security holes and provide a baseline for how well new security products protect against prowling crackers.
This column will also act as a forum for discussing security concepts that are essential to protecting your network and computer systems. We'll discuss the best use of encryption, public-key infrastructures, intrusion-detection products, and other key security tools in an attempt to clarify the confusion that surrounds these emerging technologies.
As more companies expand their connectivity, the need for security will only increase and the hacking horror stories will only get more gruesome. We hope this column will provide vital information and cut through the hype to keep you ahead of the curve.
Security is important to your business. But does your company dedicate adequate time and resources to manage it? Have you been victim to a computer security breach? Tell us what security concerns keep you awake at night at firstname.lastname@example.org.
Test Centre support manager Stuart McClure and technology analyst Joel Scambray have managed information security in academic, corporate and government environments for the past nine years. They currently test dozens of security products, from firewalls to security auditing solutions, in search of new ways to improve enterprise network security.