ProjectBy Baselinemag | Posted 2007-03-07 Print
Business process improvements, customer relationship management and business analytics are high on CIOs' to-do lists this year.#7: Intrusion Detection and Prevention">
Project #7: Intrusion Detection and Prevention
Participants: Managers from both the security and network teams.
Price tag: Hundreds of thousands to millions of dollars.
Time line: Ongoing.
Last year, it was a computer stolen from a Department of Veterans Affairs worker; this year, it was customer information pilfered from the T.J. Maxx retail chain. There always seems to be another computer break-in in the news.
Until recently, companies were focused mainly on shoring up their perimeters—keeping outsiders from hacking into their systems over the Internet. Many companies are still concerned about that. Progressive Medical CIO Mazzocco, for instance, recently brought in a set of consultants to do some intrusion testing. Their assignment: Try to break into Progressive's systems: "They were able to find some issues that we solved," Mazzocco says.
With their perimeters more secure, some companies are shifting their attention to internal threats, including viruses inadvertently introduced by a laptop user plugging back into the network, or good old-fashioned electronic vandalism from a disgruntled or simply mischievous employee.
When a company is lucky, such events fall into the realm of the merely embarrassing. In some cases, though, they can cost a company millions of dollars. "There's no shortage of breaches" and many causes, says security analyst Oltsik.
When they work well, security systems can help CIOs sleep better at night. But a security system, like a chemotherapy treatment, can be a blunt instrument, obstructing the good things along with the bad. As Oltsik puts it, "The last thing you want to do is shut down legit traffic, because it'll be your phone that rings."
IT Solutions Builder TOP IT RESOURCES TO MOVE YOUR BUSINESS FORWARD
Which topic are you interested in?
What is your company size?
What is your job title?
What is your job function?
Searching our resource database to find your matches...