ARN Innovation Awards
IDCs "SecurityVision 2004" Event Addresses The Three Ps Of Security Issues Within The Enterprise
- 12 March, 2004 16:27
<p>Sydney, March 12th, 2004 - With viruses such as MyDoom and Bagle.B terrorizing enterprises all over the world, Chief Security Officers and leading IT Vendors are converging in Sydney on the 17th March 2004, at the Star City Hotel, for IDC's "SecurityVision 2004", Securing Business Resilience event to hear industry thought-leaders present on this hottest of issues.</p>
<p>IDC analysts and IT vendors, including Symantec, APC, Microsoft, Surf Control, Check Point Software, Trend Micro and Citrix will present on multiple topics, and address the various aspects that enterprises need to consider when defining and implementing their security strategies.</p>
<p>This event will help organisations address & answer the following questions:
* Are you making the right Security purchasing decisions?
* Are you maximising on existing security investments?
* Can your organisation afford downtime, or is a continuous environment a minimal expectation?
* Do you understand all of your security options for current and future planning?
* Do you understand all of the security challenges you face and do you understand them completely?</p>
<p>The world has changed and security is no longer a technology issue. In fact, technology is only one feature within the broad security landscape. All enterprise businesses must address security from a risk management perspective to determine company policies, and then focus on educating their people to ensure optimum compliance to best practices within the organisation.</p>
<p>The Three Ps
"It's about Policies, People and Processes," said Natasha David, Research Manager, Security/Infrastructure Software, IDC Asia /Pacific. "When addressing policies, enterprises need to look at privacy, security and business continuity. Enterprises must deploy policy-based technology and then ask the question, is it in line with our business goals? These policies must be endorsed by C-level executives within the organisation, then be enforced down to the technology level. So it's not about firewalls, virus updates or email scans - that's all just part of a much bigger picture."</p>
<p>"Security must be enforceable down to the end-user level, because the 'perimeter' is no longer the firewall, with PDAs, mobile phones, laptops, WLANs, and so on, all part of your enterprise today," continued Ms David. "People are the second 'P', and that means change management. With People it's all about education, creating awareness, IT resources and agreement on who determines the security strategy - IT or business? At IDC, we believe that C-level executives must be driving the security strategy. Currently, 60% of enterprises worldwide are driving their security policies from the IT or IS manager level, with only 17% being driven by business managers. This obvious liability is becoming a massive issue and company directors need to take the lead."</p>
<p>Finally, Ms David points to the third 'P': Processes. "As the entire enterprise converges, they need to address the issue of integrating physical and network security. Processes play a key element in an organisation's overall security footprint. Processes identify a security instance as a priority, for example, authentication processes or identity management, and define detailed security procedures relevant to all areas of the business. From front door access to online exchanges with customers, potential risks must be identified and processes determined early."</p>
<p>Industry Leaders Agree
"The security landscape has evolved dramatically over the past few years. As the discovery of a vulnerability to an exploit rapidly shrinks, the interest of security at the boardroom level has rapidly increased," commented Cath Hodgson, Senior Director, Asia Pacific Marketing, Symantec Corporation. "To that end, every executive - from the CEO to the CFO - should be directly involved in the people, process, and technology issues that relate to security. I appreciate IDC's endeavor to support and harness focus around the critical security issues facing enterprise businesses today."</p>
<p>"Security threats through the Internet are fast changing, as shown in the recent number of security incidents with Blaster, MyDoom and its variants. Unfortunately, there are still many people that continue to exploit vulnerabilities and misuse technology to the detriment of enterprises and consumers," said Meng-Chow Kang, Chief Security & Privacy Advisor, Asia Pacific & Greater China Regions, Microsoft Asia. "At Microsoft, security is a top priority, and is consistent with our vision of Trustworthy Computing. We have taken and continue to take, aggressive steps to increase computer security to safeguard the interests of our customers and the broader community of computer users."</p>
<p>"The comprehensive coverage of changing threats, industry solutions, and best practices at IDC's SecurityVision Conference will provide a useful forum for IT security practitioners and decision makers to understand evolving trends, and what they can do to secure their businesses. Microsoft is delighted to be a Platinum Sponsor to make this forum available to our customers," concluded Mr. Meng-Chow Kang.</p>
<p>For further information, please go to http://www.idc.com.au/events/securityvision/ or for interviews with one of the speakers, please contact: Belinda Johnson on ph: 02-9925 2236 or email: email@example.com</p>