To: Jim Willie CB who wrote (13123) 2/19/2003 4:08:31 AM
From: stockman_scott

Analyst: Firms Should Have Clearer View Of Data Security Challenges
By Donna Howell
Investor's Business Daily
Tuesday February 18, 10:37 am ET

How are companies doing at securing their information? So-so, says Christian Byrnes, an analyst at tech research firm Meta Group Inc.

Byrnes, who once headed his own security firm, has a point for top execs to ponder. He says there's a big gap between their views of data safety and those of their people who are in charge of information technology security.

Byrnes recently spoke with IBD about how security issues are likely to affect the executive suite in years to come.

IBD: How are the nuts and bolts of corporate IT security likely to change in the next few years?

Byrnes: People are starting to connect the nuts to the bolts, which is huge progress. Realistically, over the last 15 years, as we've distributed computing, we didn't bother much with security. In the last five years people realized that was a problem and they've started to implement security. But it's been piecemeal - bits and pieces here and there. That approach over time becomes extremely expensive, and it becomes an ongoing expense. So at some point people realize it's more effective and efficient to connect the pieces together and start managing things a little bit more coherently. So they start to apply security technology according to a set of rules rather than a set of feelings and assumptions.

IBD: In general, do companies have a good understanding of what they need to do in security?

Byrnes: Financial industries do. They are not all perfect, but in the aggregate you can look at them and say, yes, they're effectively secured and they're doing a good job. And you can say that the Fortune 50 companies have pretty much solved this problem for most of their operations. But as soon as you get outside of those two sets - no, absolutely not, no way.

Information security typically represents 0.75% of an IT budget. Think of the IT budget as the investment in assets. The assets happen to be based in information technology.

IBD: What other investment would you make as a corporation where you didn't provide some level of assurance of the ongoing value of the asset?

Byrnes: We've shifted into an information-based economy, and business managers typically don't understand the asset protection responsibilities that result from that.

IBD: Could companies be liable for lax security?

Byrnes: Currently no court has determined that the lack of a (corporate security) awareness program has increased liability. However, we seem to be getting to the point where we're closer and closer to a decision like that. You could certainly make the case that an organization that fails to train its employees in (the company's) security policies has in effect decided not to have any security. When something goes wrong - a hacker breaks in or there is a major virus outbreak - if it's something significant enough to endanger the existence of the corporation, then inevitably there will be investor lawsuits. There should be investor lawsuits. The question then becomes: What had the organization done to protect its assets from these well-known forms of attack?

IBD: Broadly, how are managers supposed to implement security?

Byrnes: If they have no significant security investment, then the intelligent decision is to start by identifying roles and responsibilities and a strategy. That's the planning approach. Most organizations already have some investment in information security. What we normally tell those people is that in order to demonstrate value rapidly, you need an architecture for security. So don't focus on the planning aspects. Let's demonstrate a usable architecture that, if implemented, will directly improve the security of the systems.

The architectural approach typically takes a minimum of two years to deliver some value, some return on investment.

IBD: Do companies tend to think they're a lot more secure than they actually are?

Byrnes: Depends on who you ask in the organization. We did a survey and found that chief executives tend to believe their organizations are quite secure. Senior executives below the CEO level have a little bit less confidence. Chief information officers have a little bit less confidence than that, and security officers have significantly less confidence than that. That finding was very clear.

biz.yahoo.com