Information Security Bulletin

New Book: Compliance and IT Management

18 Aug 04:58

International IT Governance, published by Kogan Page, is a guide for managers and executives responsible for compliance and IT management. It explores new legislation, including the launch of ISO/IEC 27001, which makes a single, global standard of information security best practice available.

PricewaterhouseCoopers, with CIO magazine, carried out a worldwide study in 2005, interviewing 8,200 information security executives in 63 countries. PwC observed:

Despite the recent public exposures of phishing scams, identify theft, corporate espionage, intellectual property breaches, and theft of millions of personally identifiable records, only 37 per cent of companies reported that they have a security strategy in place. Improvements are far outpaced by the sophistication and volume of threats info security professional face.

The Computer Security Institute (CSI), with the participation of the San Francisco Federal Bureau of Investigations Computer Intrusion Squad, has now conducted nine annual surveys into information security at the CSI member firms. The latest results showed that in 2004 total financial losses to criminal abuse, across the 269 respondents, was 141 million.

The biggest loss arose from virus attacks (55 million) and denial of service attack (26 million). However, 11 million of these losses was from theft of proprietary information, 8 million for financial fraud and 7 million in laptop thefts.

Nearly half of those who took part in the study were unable (because they had no method of tracking) or unwilling (because of the possible reputational damage) to provide estimates of their financial losses from the successful attacks they had experienced. Responses showed that incidents of cybercrime originate equally from outside and inside the attacked computer systems.

The new book has a companion website which provides access to a toolkit of templates designed for implementation within organisations.

About the authors
Alan Calder is founder-director of IT Governance Ltd, which provides IT governance and information security services through its website www.itgovernance.co.uk (link below). He is the author of IT Governance and A Business Guide to Information Security, both published by Kogan Page.

Steve Watkins is Head of Corporate Services at HMCPSI and is co-author of IT Governance and A Business Guide to Information Security.

Related links: (Open in a new window.)
www.kogan-page.co.uk
www.itgovernance.co.uk

View printable version (opens in new window)
Back

Search ISB News:

Not yet sure you want to subscribe? Download a free sample copy!

Download the much quoted October Editorial

Portal Frontpage
Web Editorial
About This Portal
Contact Info

IS Alerts
General News
Product News
Vendor News
People News
Literature
Events
CHI News

Subscribe Online
About ISB
Publishing in ISB
Advertising in ISB
PR Information

In the current issue:

Security Management
The Importance of Adaptability
Steve Purser

From the Trenches
Reversing Perimeter Defences – a Case Study
Søren Maigaard

Security Architectures
The Self Defending Network: New Trends In ICT Security Infrastructures
Drs. Ing. René Pluis

Subscribe Online!