Find Article by Date
Sat, 26 Mar 2005

JP/Companies told to invest more in computer security

Companies told to invest more in computer security

The Jakarta Post, Jakarta

Indonesian firms have been told to spend more on protecting their computer systems now that information technology plays a pivotal role in businesses.

BT Bellua Asia Pacific information security consultant Jim Geovedi said the current state of cyber security in Indonesia was at an alarming level.

"The main cause is the system management that is adopted from overseas but is not adapted to the local culture. Security challenges are especially high for middle level-up businesses," Geovedi told a conference that concluded on Thursday.

He said viruses and other malicious programs spread through the internet were now far more advanced than those in previous years.

Emmanuel Gadaix, founder of the Telecom Security Task Force firm, agreed, saying there were no longer "closed environments" even in banking that were immune from attacks.

"The increasing complexity of telecommunications infrastructure with the advent of the internet and telecommunication systems leads to many further opportunities for attackers. The banks used to be closed environments, but this isn't really the case any more," he said.

The Singapore Internet Research Center, an internet security research firm, has predicted the world would need to spend at least US$2.4 billion on computer security spending in the coming three years, almost a three-fold increase from $901 million in 2003.

Some 40 experts and computer security consultants took part in the conference sponsored by Bellua Asia Pacific.

Another speaker, Phil Leifermann, said a "reactive" approach, in which an organization fights an attack once it occurs, was no longer effective to secure a computer system.

He added that development in IT has put an organization or company at risk of attacks on its computer system as it enables it to communicate and exchange information with other parties.

"Technology increases capabilities as well as risks that are higher compared to five to 10 years ago. We need an enterprise security management approach, in which security issues are first addressed at the management level through policy development," he said.

It may require a significant amount of organizational changes and money to implement the new approach at the start, he said, but the return on investment could be cheaper than trying to fix the system when it breaks down.

Geovedi predicted Indonesia might need up to 30 years to reach the standard of the United States today, but asserted that efforts must be exhausted for the sake of security. (005)