Companies urged to protect ‘vital systems’

Link: IT Decisions – Security

Andreas Wuchner, head of global IT security at Novartis, a health and pharmaceuticals multinational, said hype about security was manna for the computer industry, but users should be shrewd about how they spend their security budgets.

‘Be aware of your vital systems, protect them and concentrate on your main business processes,’ he told VNU News Centre at the conference, in London.

Beverly Allen, manager of information security at EDF Energy, the company formed by the merger of London Electricity and Seaboard, said there should have beeen more business managers at the conference.

‘Security is a business issue, not a security issue,’ she said.

The head of computer security at one financial institution, who asked not to be named, said there was a general need for closer ties between business managers and security managers.

Such ties should be ‘specific’, he said, and incorporating risk analysis to identify those areas of the business that most needed protection.

Delegates were all conscious of the need not to waste money on unnecessary security measures that cosseted inconsequential areas of their business.

Simon Perry, vice president of security strategies at Computer Associates, said users faced a dilemma in striking a balance between prudence and security.

‘Businesses are worried about regulation forcing them to do something about security,’ he said. ‘[But] on the other side there are worries that there will be some form of devastating attack that will tarnish reputations.’

Related reading