By Rob O'Brien
Governments need to take more responsibility for their IT infrastructure and internet security, according to a world-leading internet security researcher.
Governments need to take more responsibility for their IT infrastructure and internet security, according to a world-leading internet security researcher.
President of the International Federation for Information Processing, Professor Basie von Solms, was talking at the 14th Australasian Conference on Information Security and Privacy hosted by Queensland University of Technology (QUT) in Brisbane this week.
In a presentation entitled ‘Is the information security king naked?" Professor von Solms said governments should be taking internet security more seriously.
"When it comes to internet security, good corporate governance calls for prime ministers, presidents, CEOs or who ever is at the top of an organisation to take responsibility," he said.
In a presentation entitled ‘Is the information security king naked?" Professor von Solms said governments should be taking internet security more seriously.
"When it comes to internet security, good corporate governance calls for prime ministers, presidents, CEOs or who ever is at the top of an organisation to take responsibility," he said.
"Legal developments in the European Union and United States are forcing those at the top to take more responsibility for security.
“In the US President Obama has just created a new cyber protection bureau,” he added.
Countries must have a contingency or back-up for their national IT infrastructure, he said.
"A country's national information infrastructure of computer networks and databases runs just about everything including the water and power systems, transport and banking. If any one or all of these is brought down a country can be brought to its knees."
Citing the 2007 cyber attack on Estonia which brought the whole country to a standstill, Professor von Solms said countries were more vulnerable than ever.
“In the US President Obama has just created a new cyber protection bureau,” he added.
Countries must have a contingency or back-up for their national IT infrastructure, he said.
"A country's national information infrastructure of computer networks and databases runs just about everything including the water and power systems, transport and banking. If any one or all of these is brought down a country can be brought to its knees."
Citing the 2007 cyber attack on Estonia which brought the whole country to a standstill, Professor von Solms said countries were more vulnerable than ever.
"Vulnerabilities in the national IT infrastructure were exploited and banks, ATMs, parliament, the government, telecommunications and mobile phones were all taken down because they hadn't protected it.
"Resilience must be built into IT infrastructure."
Professor von Solms, who is from the University of Johannesburg in South Africa, said the days were gone when information security was a problem for the “techies”.
"Until now it has been seen as a technical matter but it is bad corporate governance for governments or companies to not have formal processes to protect the data citizens, clients, customers or patients entrust to them.
"Top managers must provide support, a budget and ownership of protection of data entrusted to them.
“Good information security governance starts with, accountability, good policies and procedures and directives.”
Professor von Solms said another worrying phenomenon was that there was too much faith in the security of the internet.
Professor von Solms, who is from the University of Johannesburg in South Africa, said the days were gone when information security was a problem for the “techies”.
"Until now it has been seen as a technical matter but it is bad corporate governance for governments or companies to not have formal processes to protect the data citizens, clients, customers or patients entrust to them.
"Top managers must provide support, a budget and ownership of protection of data entrusted to them.
“Good information security governance starts with, accountability, good policies and procedures and directives.”
Professor von Solms said another worrying phenomenon was that there was too much faith in the security of the internet.
"The internet is inherently unsafe. Too many IT systems being rolled out today are too complicated for their own good because we want to build IT systems on infrastructure which is not secure enough," he said.
.bmp)
