TMCnet News

Computer security strategy lacking in firms, says group
[December 14, 2005]

Computer security strategy lacking in firms, says group


(Business Times (Malaysia))ONLY a third of Asian companies have an overall computer security strategy to protect their business information from leaking out, the head of the Malaysian National Computer Confederation (MNCC) said.

Datuk Dr Raja Malik Mohamed, in his keynote address at the launch of iVest Enterprise Security Solutions' seminar yesterday, said the figure implies that enterprises are not focused enough on strategic planning.

This is happening although the security budget has increased to 16 per cent this year from about 11 per cent in 2004.

"It is not just a business issue, but also a governance challenge that involves risk management, reporting and accountability. It requires the active engagement of, and execution by, executive management," he said.

He added that in the face of increasing cyber attacks and information security breaches, enterprises must focus on information security to avoid a vulnerability which could affect their bottom lines and the trust placed in them by their customers.



The enterprises need the latest anti-intrusion technologies, like firewalls and anti- viruses with constant updates, as well as good security policy and standards in their firms, Raja Malik said.

Risk management must also be designed as a continuous process that reacts quickly to changes. As such, it should include elements of real-time assessment and response.


"Enterprises must put in place a roadmap for the way in which security leaders must interact with others within the organisation. "The security professionals must not be 'techies' who have no understanding of the company's business," he said.

[ Back To TMCnet.com's Homepage ]