The year 2000 computer bug is dominating news headlines as speculation reaches fever pitch. Will the turn of the millennium herald in the next Dark Age or has the Y2K glitch been blown out of all proportion?
Whatever the outcome, one thing is certain: Y2K will have repercussions for the way people do business.
Y2K and security fears
Brenda Crook, SA country manager of Network Associates International (NAI), agrees that many changes in the IT industry will take place before and after Y2K strikes.
"Virus writers, or any malicious users for that matter, will have a field-day in the period leading up to and following Y2K." Crook ascribes this to the fact that malicious users will prey on people`s fears and naivety concerning Y2K by sending so-called Y2K patches as e-mail attachments that contain malicious coding.
"However, Y2K has definitely raised the awareness of companies regarding the security of their systems."
Crook adds that e-commerce has also helped spark this awareness by ensuring companies must do everything they can to guarantee that their back office is safe enough to process transactions.
"While securing a system from any outside threat is important, the real danger comes from within." The disgruntled employee, Crook believes, is still the biggest cause for concern for organisations trying to secure their data.
Assessing the risk
Companies therefore need to have a good risk assessment policy in place to ensure that if and when a security breach occurs, they are able to handle it.
"The need for the creation of an ad hoc risk assessment strategy among companies, however, is still a major problem area in SA," notes Crook.
"This is definitely one of the biggest challenges facing the IT security industry today, and one we at NAI hope to eradicate with the launch of various security awareness workshops which will help to educate the masses.
"Additionally, companies still suffer from the firewall mentality where they believe that if they have a firewall they are completely safe against security breaches.
"Education must therefore create awareness," Crook says, "and inform organisations of the need to implement a security product which integrates all the required elements."
It is necessary to offer a security solution that can be integrated into a system and is fully automated; happily working in the background and implementing the latest problem fixes as needed, she explains.
"We will see a period of growth in this active security environment which should explode between the fourth quarter this year and the first quarter next year."
Share