In 1998 Dale Kutnick, Chairman of the META Group, stated that: "The next bank robberies are going to be electronic, and companies will need to protect their intellectual property and information."
USA Today reported on Wednesday, 13 August 2003, that in an effort to curb identity theft, the fastest-growing crime in the US, bank regulators want to require banks to notify their customers when hackers invade computer systems.
"Recent South African media reports indicate that the problem is not exclusive to the US, and neither is the problem restricted to financial services companies," says Les Stevens, practice leader: risk and security for META Group South Africa. "CIOs of service-oriented organisations should continuously monitor their security posture to ensure they maintain user trust and that they comply with global security standards."
He urges CIOs to access META Group`s complimentary questionnaire 'Information Security Critical Constraints Analysis`. "The analysis is designed to capture the strategic state of information security practice within their organisation in a self-assessment questionnaire that will enable CIOs to compare their organisations against current industry best practice. This assessment is not a survey and participants are not expected to return answers to META Group."
The strategic analysis is arranged around the six primary components of an effective corporate information security ecosystem: organisation, governance, budget, policy, process and technology. The objective of the analysis is to capture, at a high level, the current state of information security practice within the organisation.
Globally, financial institutions are examining and preparing supervisory policies for regulated banks and vertical industries. These policies are currently a hot topic and a frequent focus of META Group client inquiries, as traditional banking as well as non-banking organisations such as brokerages and insurance agencies develop initiatives and projects to address IT-related risks. The CIOs of many financial services organisations are seriously concerned that they do not have the appropriate IT management processes in place to eliminate (or mitigate) IT risk, and are looking to the Financial Institution Councils for policy guidance and best-practice direction.
META trends indicated that by 2003/04, 40% of high-performing CIOs will adopt processes that embrace risk management (RM) best practices to reduce the perils associated with acquiring and managing IT resources, and they will be better positioned to categorise, assess and communicate their IT RM programme. These practices include a more holistic approach to RM processes such as risk assessment, mitigation, control and reporting (monitoring). CIOs who adopt RM best practices will contribute directly to the long-term strategic and financial stability of their enterprise and earn the trust and respect of their business colleagues.
To request a copy of the Critical Constraints Analysis questionnaire, e-mail eric.cowling@metagroup.com.
Les Stevens will co-present Architecting IT Security: An Intensive One-Day Workshop, an exclusive offering from META Group`s Security Infusion Programme.
Traditional information security methods are insufficient for meeting global business requirements. Competitive pressure is forcing organisations to adopt new technologies faster, and as the rate of business complexity increases, organisations must adopt a more sophisticated approach to security. Such approaches must take into account application externalisation, new technologies, e-commerce, and the explosive growth of server and desktop environments. Achieving information security is an ongoing process that requires constant investment, management and business participation. It requires an adaptive information security architecture of consistent principles, guidelines and mechanisms that enable the organisation to develop and implement security solutions that are appropriate to the business requirements. For more details: http://www.metagroupsa.co.za/msites/za/1168.html.
Share
META Group is a leading provider of information technology research, advisory services, and strategic consulting. Delivering objective and actionable guidance, META Group`s experienced analysts and consultants are trusted advisors to IT and business executives around the world. Our unique collaborative models and dedicated customer service help clients be more efficient, effective, and timely in their use of IT to achieve their business goals. Visit www.metagroupsa.co.za for more details on our high-value approach.
Editorial contacts