Get hooked up with AT&T ConnecTech
December 22, 2004 8:37 AM PST
Security workers praise Sarbanes-Oxley
- Related Stories
-
Google's search for security
December 22, 2004 -
Hybrid Trojan horse aims at Symbian phones
December 21, 2004 -
ActivCard buys into banking security
December 21, 2004 -
15 firms added to Cisco security effort
December 21, 2004 -
Patches slapped on serious PHP flaws
December 17, 2004
The survey, released Wednesday by security services company RedSiren, indicates that many IT professionals view security guidelines as work-intensive. But they also believe the regulations--such as the Sarbanes-Oxley Act, HIPAA (the Health Insurance Portability and Accountability Act) and the Gramm-Leach-Bliley Act--are making a difference.
Of the 300 IT professionals interviewed for the study, 66 percent agreed that the government regulations have improved the overall security of the networks they work on.
On the flip side, many of the people surveyed said the federal regulations eat up a bulk of their working hours, leaving less time for other security-related projects.
Sixty-two percent of respondents said they now spend more time complying with regulations than addressing other security-related matters, and more than 38 percent said this demanding work has caused them to scale back other IT security projects.
Still, in a nod to the perceived effectiveness of the government security laws, 19 percent of those surveyed said they would be comfortable spending less time actively monitoring network security as patch management and incident response technologies become more automated.
Executives at RedSiren said this trend may be somewhat dangerous because regulation compliance alone does not constitute foolproof protection.
"This shows a clear disconnect among the very people who need to be thinking proactively about how to best protect their networks and the information that resides on them," said Nick Brigman, vice president of product strategy at RedSiren. "On one hand, they know that the government's rules are making them move in one direction. But on the other hand, a surprising number are willing to leave things to chance."
RedSiren noted that this potentially false sense of protection was more prevalent among the IT professionals at smaller organizations, as many of the workers there feel their operations are overlooked by hackers and other criminals.
"Attackers are looking for any outlet to gain control, regardless of size," Brigman said. "At best, these people may be deluding themselves into a false sense of security. At worst, they're taking a dangerous risk."
Fifty percent of the people responding to the survey listed e-mail-borne threats, such as viruses, worms and phishing, as the greatest threats to IT security in the coming year. Eight percent of those interviewed said that spam will constitute the biggest single threat to their systems in 2005.
Ninety percent of respondents reported that their IT security budgets will either stay the same or grow during 2005, with 18 percent saying that such budgets will grow significantly, or by more than 20 percent.
See more CNET content tagged:
RedSiren Inc.,
Sarbanes-Oxley Act,
HIPAA,
IT security,
IT professional
Nearly eight months after my day in court, there still has been no decision by the court. It has been two years and two months since my termination of employment. I assume a statute of limitations is at work here. I fear the wheels of justice will move so slow as to let the criminally negligent escape into the dark without penalty and the industry will continue on, providing inferior and negligent client service to unknowing or unsuspecting clients.
I fear that my current employment as a laborer in the construction industry will continue indefinitely.
Is it all real? Virginia, in all this world there is nothing else real and abiding. NO Sarbanes-Oxley! A thousand years from now, nay, ten times ten-thousand years from now, financial firms will continue their negligent fiduciary care of client funds, and the legislations engineered to combat these Grinches of Christmas will continue to fall short of the mark.