IT at board level will cure security lapses

NEWS Getting IT directors appointed to board level will help resolve security issues which are currently dogging UK plc. The claim comes from security experts throughout the industry, following the publication of a Department of Trade and Industry (DTI) preliminary report which is highly critical of attitudes to computer security. The report indicates that 60 per cent of companies have suffered a security breach within the past two years, and of those, 64 per cent did not change their security policy after the event. According to Tim Porter, director of InfoSecurity, this should come as no surprise. "The real underlying message of the survey is that all these things need to be integrated into a management framework, a policy - an information security policy - that ideally is endorsed from the board," he said. He added: "It's only when you have the policy - tying the products together, protecting the assets which your risk assessment has identified as being most important to your business, that you really start to have security cracked." Chris Pinkham, CEO of South African security developer Sequrux, agreed. "At board level, businesses should consider auditing IT procedures just like the rest of its business," he told Silicon.com. "The survey's discovery that only 14 per cent of UK firms have any security at all shows that at a senior management level, there is obviously not enough awareness of the issues." E-minister, Patricia Hewitt, will give full details of the impact on UK competitiveness in a keynote speech at next week's InfoSecurity trade show at London Olympia. The DTI Information Security Survey was co-sponsored by Axent, BT and Nokia.