{"id":532,"date":"2004-04-07T00:00:00","date_gmt":"2004-04-07T00:00:00","guid":{"rendered":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/2004\/04\/07\/it-directors-welcome-big-fours-corporate-security-initiative\/"},"modified":"2021-12-30T11:37:36","modified_gmt":"2021-12-30T11:37:36","slug":"it-directors-welcome-big-fours-corporate-security-initiative","status":"publish","type":"post","link":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/2004\/04\/07\/it-directors-welcome-big-fours-corporate-security-initiative\/","title":{"rendered":"IT directors welcome Big Four&#8217;s corporate security initiative"},"content":{"rendered":"<p>Plans by an industry consortium to develop a corporate checklist for assessing cyber threats could help IT directors justify security spending and help protect companies against hackers, according to industry experts.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The consortium, which includes the Big Four accounting firms and insurance giant AIG international, aims to agree a cyber-risk model that can be used by companies in all industries.<\/p>\n<p>Auditors and insurers could also use the &#8220;risk preparedness index&#8221; to help decide whether a company has adequate IT security arrangements.<\/p>\n<p>Although details of the framework have yet to be finalised, security experts believe it will focus on an organisation&#8217;s IT security safeguards, such as its firewalls and anti-virus software, and compare this against the security threats it faces.<\/p>\n<p>&#8220;IT infrastructure risk management is of critical importance to the industry and Barclays broadly welcomes the principles behind this initiative,&#8221; said Barclays group chief technology officer Kevin Lloyd.  &#8220;We will continue to monitor the development of this framework with interest and potentially inclusion in the shaping of the framework.&#8221;<\/p>\n<p>Nick Leake, director of operations and infrastructure at ITV, said, &#8220;I think the real value of this approach is in sorting out the companies with dreadful levels of non compliance\/operation from those with high levels &#8211; it won&#8217;t be much use in distinguishing the better of two already very compliant operations.  And as with all these things, it will have to be kept up to date.&#8221;<\/p>\n<p>Industry experts said that an accepted model for measuring security risk would be a breakthrough if widely adopted and would also help IT departments justify security spending.<\/p>\n<p>&#8220;The new security standard looks promising, although a lot of the devil will be in the detail,&#8221; said Graham Titterington, principal analyst at Ovum.  &#8220;It will make it easier for people to justify spending on IT security because of the backers of the standard are blue chip companies, which gives it credibility with the board.&#8221;<\/p>\n<p>Neil Barrett, technical director of security consultancy information risk management, said the proposed security standard would allow IT directors to measure their organisation&#8217;s security arrangements against a benchmark.<\/p>\n<p>http:\/\/www.computerweekly.com\/articles\/article.asp?liArticleID=129789&#038;liArticleTypeID=1&#038;liCategoryID=2&#038;liChannelID=22&#038;liFlavourID=1&#038;sSearch=&#038;nPage=1<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[29],"tags":[],"class_list":["post-532","post","type-post","status-publish","format-standard","hentry","category-news"],"_links":{"self":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/532","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/comments?post=532"}],"version-history":[{"count":1,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/532\/revisions"}],"predecessor-version":[{"id":3019,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/532\/revisions\/3019"}],"wp:attachment":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/media?parent=532"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/categories?post=532"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/tags?post=532"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}