Financial Crisis And IT Security

George Fares, FInstSMM 1

Financial Crisis & IT Security: Difficulties, Risks and Actions

By George Fares, FInstSMM

International Business Development ManagerPANDA Security


The Discussion - Question

Question: What is the Current State of IT Security?Answer: According to several studies, companies face at

least two main problems with IT Security: (a)Decrease in spending on IT Security(b)Increased risks

Question: Is the Financial Crisis to Blame or

What is the role of the Financial Crisis in the two aforementioned problems


AgendaThe Financial Crisis: What Does It All Mean?

Financial Crisis and the StakeholdersFinancial Crisis and the CompanyFinancial Crisis, the Company and IT SecurityFinancial Crisis, the Company and IT Security: Some Examples

IT Security Before the Financial CrisisIn Summary:

Before and After the Crisis: Comparison and ContrastThe DifficultiesThe Risks

The Dilemma: To Spend or not to SpendExamples of Action to be TakenConclusion: Difficulties, Risks and Actions



Financial Crisis and the Stakeholders


Financial Crisis and the Company


Financial Crisis and The Company and IT Security


Financial Crisis, the Company and IT Spending: The Case of DuPont

$400 MILLION: The value of trade secrets stolen by a DuPont scientist for a Chinese rival


Financial Crisis, the Company and IT Spending: Survey results

“The company can't trace the information back to me”.According to a survey from Ponemon Institute, 79% of

the people who took information from their companies among other things said the above phrase.


NOTICE: Emphasis is on ‘Increased’ complexity


Before the Crisis: Some Examples

Viruses:Jerusalem – 1988 (MS-DOS)Morris (a.k.a. Internet Worm) - November 1988Solar Sunrise – 1998Melissa – 1999I Love You - May 2000The Code Red worm - July 2001Nimda - 2001


Before the Crisis: Some Examples

Security issues (breaches):Nissan Motor – 5.4 million customer records stolen (2004)CardSystems – 40 million credit card accounts stolen (2005)DuPont – $400 million damage from research (2005)D.Telekom – 17 million mobile users data stolen (2006)TJX – 94 million Visa & MasterCard accounts stolen (2007)Fidelity National Information Services – 8.5 million credit

card & bank accounts stolen (2007)


Problems have been there before the crisis, however the crisis increased the complexity


Misperceptions create risks

Is the Financial Crisis really the problem?

No, it is the trigger for the revelation and increase of problems already in place!!!!

So, should the financial crisis be blamed?

No, but merely our perceptions of what IT security is.


The Main Difficulties: Changing the Perception

IT Security is not a cost; it is an investmenttherefore

IT Security should not be viewed Short-Termly but Long-Termly


The art of war teaches us to rely not on the likelihood of the enemy’s not coming, but on our own readiness to receive him; not on the chance of his

not attacking, but rather on the fact that we have made our position unassailable.

(The Art of War by Sun Tzu, Chinese General,500BC)


To Spend or Not to Spend: That is the Question

To Spend:Serves the Long-Term Strategy

Not to Spend: Serves Short-Term Goals


Ideal Perception:

IT Security SpendingIs an Investment and not merely a Cost (or Waste)

Should be thought of as part of a Long-Term Strategy and not as part of Short-Term Goals


Action to be Taken: In Practice

Re-evaluation of current IT Security policies & systemsImplementation of tighter policiesEducation of the users for better understanding why we

enforce these measuresInvest in latest technology in H/W & S/W with advanced

capabilities to eliminate risks.



Resolving the Dilemmas

Difficulties: current profits and cash

Risks: losing money and value in the long-term future

Action: Change Perceptions, Take Measures : spend on IT Security!!!


Thank You

Financial Crisis And IT Security

Technology

security financial crisis

company financial crisis

stakeholders financial

security spending

cash risks

main difficulties

examples of action

dilemmas difficulties