Most Companies are at Risk
On Slashdot and Finance and Commerce
Survey says that most of the Fortune 1,000 companies are not prepared for IT security attacks. The article suggested that companies can start monitoring the networks. If it’s too costly, outsourcing the monitoring job can be an option. With the current economic recession, IT related crime rate is likely to increase.
Factors that led to the lack of protection include optimism, lack of funding to enforce good protection, and people’s ignorance about the IT security world. Companies could’ve started thinking about security risks in the beginning, during its early ages. As companies grow, things get more complex, and it’s harder for them to protect themselves from attacks. Despite the complexity of enforcing good protection, the cost is also high for large companies.
With the recession in progress, companies probably have many problems (e.g. layoff, VC funding, etc.) to worry about other than security. Not focusing on those problems can directly lead to increased crime rate. Companies should focus more on problems that may cause security attacks than worrying about protecting themselves from security attacks. For instance, if the company doesn’t have to lay off employees, then it doesn’t have to worry about jobless employees trying to harm the company. If the company has enough resources to handle both security and other problems then that’s the best case. The cost of preventing security attacks versus protecting against attacks really depends on the individual companies. Also, there are some relatively cheap ways to increase security protection such as not giving employees more privileges than they really need.