Future of securuty

It is now.

Bihammar believes the data leakage protection market is an increasingly important part of the Australian security industry. This is driven not just by the threat of fraud, however, the name and shame affects of data losses overseas is making local Board members wake up and take notice before their organisations are embarrassed as has happened in the UK and US.

The Australian Law Reform Commission is currently reviewing the Australian Privacy laws and there is a fairly wide expectation that disclosure provisions will ultimately be included in the Privacy Act when it is reformed later this year.

The Australian Privacy Commissioner, Karen Curtis, has called for compulsory notification of major data security breaches by Australian organisations saying: “While reporting would need to be proportional to the severity of the breach, it would provide organisations with a strong market incentive to adequately secure their databases. It would also give people an opportunity to take any necessary steps to protect their personal information.”

The Australian Law Reform Commission seems to agree stating in its earliest discussion papers that The Privacy Act should be amended to include data breach notification provisions. Exactly how that plays out into legislation may take some time.

According to an international survey of security professionals conducted by Websense, there is significant support for strict penalties for Board and C-level executives that failed to properly protect customer information. A full quarter of the respondents believed that jail time was an appropriate punishment. Nearly eighty per cent advocated company fines and nearly two thirds supported compensation for consumers affected by data breaches.

It’s not only the threat of legislation pushing the end-point control and encryption market. The respondents said that loss of brand equity, pressure from the media and the potential impact on company share prices was also putting pressure on organisations. However, twenty two per cent said they believed that companies would only take action once it was legally required.

“This survey indicates a strengthening opinion for action to be taken against cybercrime and data loss on a broader scale than ever before,” said Phil Vasic, ANZ Country Manager, Websense. “Board members should ensure proactive, strategic action is taken to protect their organisation’s essential information from emerging Web-based and email borne security threats and data loss to prevent sensitive information getting into the wrong hands.”

It is a potentially lucrative area for resellers. Security or networking vendors are now offering comprehensive end-point security systems incorporating security policy enforcement, encryption and Network Access Control suitable for most sized-organisations.

Zoe Nicholson, Channel Manager for Sophos says Network Access Control was a big topic last year and it is now being integrated into main vendors’ products sets.

“Companies are looking at their end-point, but IT budgets aren’t increasing and the total cost of point products is too high. Analysts used to tell users to deploy best-of-breed point products from multiple vendors, now they are saying they should look for a complete solution from one product,” she said.

Accordingly, Sophos is following other vendors and building a suite of products that help reduce management cost and complexity by bringing several solutions under one umbrella.

It’s an opportunity for resellers to go out and educate their customers on the new generation of suite products, says Nicholson. There’s also a good potential for service revenue to establish policies, identify which data needs protection and then to ensure adequate defences are in place.

future of security securuty