[prev in list] [next in list] [prev in thread] [next in thread] 

List:       isn
Subject:    [ISN] Companies boosting security for Web sites
From:       William Knowles <wk () C4I ! ORG>
Date:       2000-04-19 21:43:07
[Download RAW message or body]

http://www.phillynews.com/inquirer/2000/Apr/19/business/HACKER19.htm

Recent attacks by hackers raised concerns about protecting e-commerce
and information technology.

The Philadelphia Inquirer, April 19, 2000
By Katherine M. Reynolds
BLOOMBERG NEWS

WASHINGTON - Companies including Microsoft Corp., J.C. Penney Co. and
IBM Corp. are spending more money to guard against computer hackers,
executives said yesterday at a White House conference aimed at finding
ways to beef up the security of e-commerce.

Concerns about security breaches have prompted companies to boost
technology spending to 3, 4 or 5 percent of their operating budgets,
up from about 1 percent, said Richard Clarke, President Clinton's
coordinator for infrastructure protection.

"Well-managed companies will have to make the adequacy of their
information-technology systems an absolute central priority in terms
of the management of business risk," Treasury Secretary Lawrence
Summers said at the conference.

The government needs to work with companies to develop the best ways
to protect information technology, an industry that generates $800
billion a year for the U.S. economy, White House chief of staff John
Podesta said at the first of six conferences on computer security.

Company and government officials focused yesterday on how to stop the
spread of computer viruses and avert the kind of attacks that earlier
this year temporarily disabled the Web sites of Yahoo Inc., Amazon.com
Inc. and ETrade Group Inc.

Other incidents included the theft and online posting of customer
credit-card numbers from online retailer CD Universe.

The attacks on Yahoo and other companies will end up costing more than
$1.2 billion in losses, missed revenue and expenses for security
upgrades, Yankee Group Inc., a Boston market-research company,
estimated.

Companies' efforts to protect themselves could mean work for
consultants such as Arthur Andersen L.L.P. and security software
makers such as Check Point Software Technologies Ltd. and VeriSign
Inc.

Microsoft employs 50 full-time people focused on information security,
up from seven employees two years ago, Howard Schmidt, chief
information security officer, said.

On top of antivirus software and firewalls, IBM has devoted resources
to testing its systems for flaws, said J. Bruce Harreld, IBM's senior
vice president for strategy.

J.C. Penney has hired consultants and stepped up spending on software
to guard against attacks that could disrupt business, reveal
confidential information or hurt the company's reputation, chief
information officer David Evans said. The company expects $300 million
in revenue from Internet-related business this year, up from $100
million the previous year, Evans said.

Financial-services companies have decided to establish a center to
share information about Internet-related threats and problems, and the
Treasury Department supports this effort, Summers said.

A broader network of companies from manufacturing, technology and
other sectors gathered in New York City in December and February to
brainstorm about security measures, Microsoft's Schmidt said.

Clinton is already asking Congress to provide more money to combat
computer sabotage. He is seeking $138 million in fiscal 2001, which
begins Oct. 1, for Justice Department efforts to crack down on
computer crimes. That is a 28 percent increase from this year.

The President has also proposed doubling the U.S. research and
development budget for information technology to $2 billion from $1
billion in the current fiscal year, Clarke said.

The administration doesn't plan to impose new security rules on
private companies, but will try to facilitate information-sharing,
research and education about the issue, officials said.

Yet companies shouldn't worry so much about security that they lose
out on opportunities available on the Internet, said Jacqueline K.
Wagner, general auditor at General Motors Corp.

"There is an acceptable level of risk that each corporation must
accept in order to compete in the marketplace," Wagner said.


*-------------------------------------------------*
"Communications without intelligence is noise;
Intelligence without communications is irrelevant."
Gen. Alfred. M. Gray, USMC
---------------------------------------------------
C4I Secure Solutions             http://www.c4i.org
*-------------------------------------------------*

ISN is sponsored by SecurityFocus.com
---
To unsubscribe email LISTSERV@SecurityFocus.com with a message body of
"SIGNOFF ISN".

[prev in list] [next in list] [prev in thread] [next in thread]