Event
Summary
In an effort to assist corporations in preventing security related losses,
Ernst & Young announced that it is spinning off a new online security
venture. The new venture's premiere product line is their Security
Vulnerability Assessment service.
Market
Impact
By having an outside objective security vulnerability assessment, IT organizations
can feel secure in that they have at least attempted to thwart-off cybercrime
and Internet attacks. A security vulnerability assessment lets you know
what the status of your network is at a given moment in time. With near
1200 or so security consultants, and security educators that understand
security well-enough to teach security penetration testing to fellow industry
security experts (eXtreme Hacking), Ernst & Young is positioned well to
offer a robust service in this area.
As
well, eSecurityOnline has over 1000 security resources available for public
viewing. Their security content includes educational materials, product
reviews, vendor reviews, and other security news that can help IT security
departments stay abreast of current threats and trends.
User
Recommendations
With security violations growing at a rapid pace, just keeping up with
cybercrime, let alone conquering it, is a daunting task. Any organization
that performs transactions over the Internet should have a security vulnerability
assessment done each quarter. Subscribing to an SVA annual service is
one way to show that your organization has taken due diligence to prevent
security intrusions.
An
SVA assessment does not guarantee that your network or website will not
be broken into. However, it does educate you about what holes currently
exist and what can be done to close them. Once your company gets broken
into, it looks a lot better to say, "At least we tried to prevent it,"
then to say, "Oops. We have never had a security vulnerability assessment
done."
For
Internet companies, having an SVA done should be like going to the dentist
- you do it on a regular schedule, and remedy problems as you find them.
Internet security is an on-going process that requires constant attention
- it can't be solved by purchasing shrink-wrapped security products alone.