Ignore security testing at your peril

NEWS The study from NTA Monitor says testing is essential in identifying security holes in order to repair them and yet points to a wide range of industries and organisations in which testing is minimal or non-existent. According to the report, the reason behind central government choosing not to test its systems is a reluctance to use third party testers from the commercial sector. The findings show that financial institutions are most proactive in testing their systems, with 20 per cent being tested regularly. Deri Jones, security services director at NTA, said: "A computer system needs testing otherwise you don't know whether your security is achieving what you hope it can. "We're trying to get the message across. 80 per cent of security holes we find can be closed with no financial outlay to a company through such things as security patch updates." Security software firm, Tivoli Systems also released a study today highlighting the need for companies to employ stringent security requirements. It found that more than half of financial offices in the UK are unaware of the steps need to enforce ebusiness infrastructure security. The survey also said 72 per cent of respondents felt well-publicised security breaches at banks were due to them being ill-prepared. A third of the 5,000 respondents from the IT community said they weren't even thinking about security management solutions for their own systems.