When you think of security, what image do you think of?
A large secure fence around the office? Or perhaps you imagine a big dog and security guard patrolling that space between the office building and fence?
But what about cyber-security?
A few days ago British newspaper, ‘The Sun’, was attacked by international hacking group Lulz Security – the front page was replaced by a notice proclaiming the death of News Corporation CEO, Rupert Murdoch.
The same hackers destroyed almost all the main government websites in Brazil last month.
And as networks and systems get more international, with service providers operating in one country, delivering to clients in another, who may be serving end users in another, how can you begin to protect the systems that are vital to your company?
Fraud, organised crime, electronic espionage, IP theft, terrorism, activism, and even warfare can call fall under the wider label of cyber-crime and all can be perpetrated without much risk if you know how to cover your online tracks. And criminals know how to cover their tracks.
If large governments and major corporations cannot withstand sustained attacks then there is a temptation to give up and feel that it is not possible to protect your company. If they can’t do it, then who can?
But companies can be protected from all but the most sustained attack through a rigorous security audit that examines every possible opportunity for a network attack.
However, companies today are really just loose networks of partners. A large company may have a supplier for the IT network, another for the phones, another for the broadband pipe, another for the local hardware security…
For any security policy to work, all these suppliers need to be considered as genuine partners. Perhaps a deal was entered into in the past as part of a cost-saving outsourcing strategy, but when you consider how important every link in the chain really is, perhaps you need to review your outsourcing relationships if you can’t already call your suppliers true partners?