By Vivian Yeo
January 15, 2009
Businesses in Asia that are driven by the recession to strive for
leaner, meaner IT, need to consider how their cost-cutting impacts
security, warn industry experts.
Even as frugality is expected of IT departments this year, the move to
options that support cost-cutting--including software-as-a-service
(SaaS) and cloud computing--should be assessed for risk to the business,
said Lawrence Ong, regional business manager for security at Datacraft
An IT risk assessment is something that businesses cannot do without
this year, he added. "In IT security, risk management is dependent on
the risk assessment process, which usually involves identifying threats,
determining vulnerability to threats, the impact of threats and the
likelihood of threats occurring."
Judy Wu, IDC's research manager for infrastructure software in the
Asia-Pacific region, added that risk management will be a "top concern"
for many large enterprises in the region, and such companies will adopt
a "more disciplined" approach tapping on frameworks such as Cobit
(Control Objectives for Information and related Technology), ISO 27001
and ITIL (IT Infrastructure Library). A significant number will "conduct
periodic vulnerability assessments to identify the risk level, security
posture and ensure policy compliance", she said.
Referencing to Gartner research, Eric Hoh, Symantec's vice president for
Asia South and head of global accounts in Asia Pacific and Japan, noted
that cloud-based services will more than triple in many security
segments and will "dramatically" impact the industry in 2009.
Please help InfoSecNews.org with a donation!