The Gartner Group launched during the IT Security Summit, a book written by Richard Hunter (Gartner vice-president) entitled IT Risk: "Turning Business Threats into Competitive".

The Register published an article highlighting some of Hunter's statement. Extracts:

• IT systems have become so integral to businesses that their failure can have disastrous consequences for an organization.

• IT risk is too important to be left to IT departments
• IT risk is related to IT value. It would be short-sighted not to recognize either value or risk

The complete article in available on The Register site.

More interesting than the article itself are indeed the comments which clearly show how wide is the gap between the theory (or the analysis) and the reality.

Best of :

• So the Bean counters and all the people who have no clue about it should have control? BAD IDEA.
• …This is the reason why an I.T director needs to sit on the board. Not however just some one who did a MBA but barely knows how to turn on their PC.
• …much of the problem can be resolved with a bit of education and common sense – and some money of course
• Ignorance, from middle management to board level, of even simple issues relating to IT risks that can be seriously detrimental to the business as a whole.
• Management, up to board level, simply not listening to IT managers who DO know what they are talking about
• In my experience IT risk auditors are finance types who don't understand IT and thus cannot adequately assess the risk
• Yes, let's take away IT disaster management and network security from the people that have a clue.

All comments are here.

I recognize in most comments highly experienced, realistic and well grounded IT guys. About the, so called, IT Analysts… same consideration than for the Burton Group.

As expressed, common sense would be to have IT director on the board, and the management to wake up and become IT skilled.

What's your opinion ?

Tags: 2007, analysis, art, best of, blog, book, ces, ethernet, failure, fon, gap, gartner group, how to, im, IT risk, King, lan, launch, LED, light, list, Management, MIT, money, network, nomadcom.net, pet, press, risk, security, simple, the register, threat, uk, wp, www, XP

The British Department of Trade and Industry has made £4m available for four research projects aimed at reducing the IT risk created by human error.

The program, which is part of its Network Security Innovation Platform, reflects the fact that human error is by far the biggest risk to network security.

It cited the results of a survey it conducted, involving over 1,800 people, on the use of passwords. It found that:

• Just over 30% of users recorded their password or security information by either writing it down or storing it somewhere on their computer.
• About 65% never changed their password
• 20% of people used the same password for non-banking websites as well as their online bank

The projects will use behavioural science in a bid to tackle the human risk element in network security.

Four projects will receive funding under the programme.

• The first is about developing a risk assessment package focused on organisational and human factors.

• The second, named Trust Economics, is aimed at developing a predictive modelling framework that assesses security policies that regulate the interaction between humans and information systems.
• The third is aimed at developing a solution for the analysis of digital communications to identify threats introduced by humans.
• The fourth named CatalysIS, is a tool to improve risk culture and identify human vulnerabilities in network security.

Minister for science and innovation Malcolm Wicks said: "Unfortunately, the weakest link in network security is not usually with the technology, but with the staff and system users. A DTI survey found that a shocking number of people were careless with passwords, unwittingly exposing themselves and their company to fraud and theft.

"Network security is also a major growth area where the UK has a good opportunity to become a global leader if we develop new technology to give us a competitive edge."

This article was originally published at Kablenet 

Source: The Register 

 

Tags: 2007, aim, analysis, arc, art, blog, communication, computer, digital, Fun, global, human, ict, ICT Security, identify, im, industry, interaction, internet, Internet News, Internet World, IT risk, King, lan, network, nomadcom.net, online, password, pet, privacy, project, risk, science, search, security, space, study, survey, technology, the register, threat, uk, user, web, website, wp, www, XP

The Musée de l'Elysée, a museum for photography, in Lausanne, Switzerland proposes from February to May an exhibition about "The rapid mutation of amateur photography in the digital age" called "We are all Photographers Now!".

The events wants to be interactive and invites people from all over the World to submit their photos on the exhibition's web site. A selection of pictures received will be publish then on exhibition's walls. Participants will get an email with a new photograph (what museums call an "installation view") with their photo such at it was shown on the galeries of our museum.

The event will explore and try to answer some of the following sensitive issues, such for example :

• Does the digital shift constitute a revolution, or merely an evolution?
• Does the shift represent a real democratization of photography?
• Is citizen photojournalism worthy of its name?
• Does the shift threaten the livelihood of professional photographers in fundamental ways?
• Does the shift represent a shift towards more authenticity or truthfulness — or less?

Sources :  Textually.org, About:Photography

Tags: 2007, api, arc, art, blog, ces, citizen, CTU, digital, elysée, event, example, exhibition, february, Fun, HP, ict, im, install, ITU, lan, lausanne, LED, live, manipulating, MIT, museum, nomadcom.net, Our World, photo, photographers, Photography, photojournalism, picture, sharing, shift, switzerland, threat, USA, web, world, wp, www, XP