ISR News: Recession Crimps Security

Excerpts from ZDNet Asia’s Vivian Yeo

Businesses in Asia that are driven by the recession to strive for leaner, meaner IT, need to consider how their cost-cutting impacts security, warn industry experts. Even as frugality is expected of IT departments this year, the move to options that support cost-cutting–including software-as-a-service (SaaS) and cloud computing–should be assessed for risk to the business, said Lawrence Ong, regional business manager for security at Datacraft Asia.

An IT risk assessment is something that businesses cannot do without this year, he added. “In IT security, risk management is dependent on the risk assessment process, which usually involves identifying threats, determining vulnerability to threats, the impact of threats and the likelihood of threats occurring.”

Judy Wu, IDC’s research manager for infrastructure software in the Asia-Pacific region, added that risk management will be a “top concern” for many large enterprises in the region, and such companies will adopt a “more disciplined” approach tapping on frameworks such as Cobit (Control Objectives for Information and related Technology), ISO 27001 and ITIL (IT Infrastructure Library). A significant number will “conduct periodic vulnerability assessments to identify the risk level, security posture and ensure policy compliance,” she said.

Filed under: D&O Liability, Financial, Government, ISR News, Insider Threat, PCI, Sarbanes-Oxley, Uncategorized, hackers, identity-theft, malware, national security, privacy 

Comments

• ISR Headline Index

  • Perplexities of Enterprise Privacy Policies
  • Sorting Out Social CRM Options for Business
  • Police Make Arrests In ATM Skimming Ring
  • Insurance Industry Fights Liability Claims
  • More Talks with Anti-Jihadi Hacker The Jester
  • Avoiding Enterprise Software Vendor Lock-In
  • The FCPA Role In International Acquisitions
  • Vigilante Hackers as Heroes, but at What Cost?
  • China: Internet Freedom Is Culturally Relative
  • Advantages of Data-Focused Risk Assessments
  • WireHead Security Partners With NCICU
  • FaaS: The Emergence of Fraud as a Service
  • Pet Lovers are Target of Latest Online Scams
  • Behavioral Based Email Security Systems
  • Web Security From A New Perspective

• Recent Comments

  • James C. Roberts III on The FCPA Role In International Acquisitions
  • LH on Q & A With Anti-Jihadi Hacker The Jester
  • Some Sun Tzu quotes… | D90 Tools & Techniques on Sun Tzu: PCI-DSS and Situational Awareness
  • JT on More Talks with Anti-Jihadi Hacker The Jester
  • j35t3r on Q & A With Anti-Jihadi Hacker The Jester
  • Albert Lea Tribune | Military News | Military Fitness Wisdom on Sun Tzu: PCI-DSS and Situational Awareness
  • ravenwaver on Q & A With Anti-Jihadi Hacker The Jester
  • badgamon on Q & A With Anti-Jihadi Hacker The Jester
  • How th3j35t3r And Other Hackers Are Using Their Skills To Bring Real World Bad Guys To Book on Q & A With Anti-Jihadi Hacker The Jester
  • “We want heroes” – at what cost? « jpskaar on Patriot Hacker Hits Jihad With DDoS Attacks
• 
  

  Information Security Resources

  Top network security blogs

• Categories

  • Anthony M. Freed (28)
  • Bill Brenner (2)
  • Bob Violino (1)
  • Bozidar Spirovski (22)
  • Breach (492)
  • Britt Womelsdorf (5)
  • By Dr. InfoSec (2)
  • Cara Garretson (7)
  • CCCNews (1)
  • Chorey Taylor & Feil (8)
  • Christophe Veltsos (2)
  • Christopher Burgess (7)
  • CIOZone (24)
  • Class Action Lawsuit (109)
  • Cloud computing (68)
  • Coby Royer (5)
  • CTO Forum (8)
  • D&O Liability (541)
  • Daniel Wallace (5)
  • Danny Lieberman (11)
  • DataLine (10)
  • David Alexander (2)
  • Derek Crawford (1)
  • Doug Pollack (6)
  • due diligence (251)
  • Fame Foundry (1)
  • FEATURE ARTICLE (398)
  • Financial (526)
  • Fred Leland (7)
  • Gene Kim (3)
  • Government (334)
  • Greg George (3)
  • H1N1 (15)
  • hackers (481)
  • healthcare (94)
  • Heather Bourgoin (1)
  • HomeATM (8)
  • identity-theft (478)
  • IDExperts (16)
  • Ike Z. Devji (1)
  • Insider Threat (435)
  • Internet Crime Complaint Center (1)
  • Internet Security Alliance (40)
  • ISR News (315)
  • Jacqueline Herships (1)
  • Jenni Hesterman (3)
  • John M. Salomon (2)
  • John Watkins (7)
  • John-Patrick Skaar (1)
  • Kaliber Data Security and Compliance Consultants (3)
  • Kat Sanders (2)
  • Ken Leeser (3)
  • Kevin L. Jackson (10)
  • Kevin M. Nixon (22)
  • Laton McCartney (6)
  • Laura Wilson (14)
  • Lauren Taylor (1)
  • Linda McGlasson (1)
  • malware (446)
  • Mark Wright (1)
  • Mel Duvall (3)
  • Michael Eggebrecht (2)
  • Michael Lohr (1)
  • Michael O'Conner (4)
  • Mike Duncan (3)
  • Mike Meikle (3)
  • Mike Spinney (1)
  • Military (174)
  • national security (402)
  • PCI (268)
  • PCI Security Standards Council (30)
  • Physical Security (11)
  • privacy (496)
  • Rachel James (10)
  • Rebecca Herold (16)
  • Richard Stiennon (27)
  • Robert Siciliano (30)
  • Sarbanes-Oxley (443)
  • ScamStop (2)
  • Sean Wilkins (2)
  • Semyon Dukach (1)
  • Simon Heron (14)
  • Software Associates (11)
  • Steven Fox (19)
  • SUPERAntiSpyware (3)
  • Sybase (6)
  • Symplified (5)
  • The Jester (4)
  • The Privacy Professor (16)
  • Thomas R. Fox (4)
  • Tom Groenfeldt (2)
  • Tom McLain (2)
  • Trefis (6)
  • Tripwire (18)
  • Uncategorized (579)
  • virtualization (57)
  • Webcast (31)