Legislation Is Not the Answer for Information Security

In his opening address at The Information Security Forum's 18th Annual Congress in South Africa last week, Professor Mervyn King, Chairman of the King Committee on Corporate Governance in South Africa, told over 500 delegates that, "legislation is not the recipe for good corporate or IT governance and that it is impossible to legislate against dishonesty." Professor King added that, "quality is more important than quantity when it comes to governance; and the market is the ultimate compliance officer."

Professor King was addressing security professionals from leading companies and organisations around the world who convened in Cape Town to tackle the security challenges they will face in 2008 and beyond. The ISF Congress is an information security conference and provides a unique peer-to-peer, confidential environment for sharing knowledge and experiences, hearing from industry experts and gaining practical advice on current and emerging information security risks.

A former Judge of the Supreme Court of South Africa and former Governor of the International Corporate Governance Network, Professor King told his audience at the Cape Town Convention Centre that, "IT governance is specific to each business and a 'one size fits all' approach is not possible; alternative standards such as Cobit and ITIL should be used as a framework for IT governance."

Professor King also believes that company Boards need to have a better understanding of the implications of strategic decisions on information availability. He said that, "IT governance is a Board level issue and because of this it is increasingly important to have the CIO as a Board member."

This year's Information Security Congress boasted an impressive line-up of speakers, dealing with a range of important issues from the growth in organised online crime and cybersecurity to the increasing demands of IT governance and global legislation.
Other topics under the spotlight included mobile security; security tools and techniques; managing risk; culture, awareness and behaviour; security strategies and outsourcing.

In his presentation called 'Zen and the art of Cybersecurity', Ira Winkler, President of the Internet Security Advisors Group, warned delegates of a false sense of knowledge and the importance of getting the basics right. Mikko Hyppönen, Chief Research Officer for F-Secure, raised increasing concerns about the threats of organized crime, while Stuart McIrvine, Director of Corporate Security Strategy at IBM, provided advice on ways to improve IT governance. Also speaking were Anton Musgrave, author, futurist and Director of FutureWorld International, looking at 'Life 2.0', and Reggie Butler, Senior Consultant and Master Facilitator for Global Lead Management Consulting.

Attendance at the Annual Congress is exclusive to ISF Members and is one of the benefits of ISF membership. The ISF is a not-for-profit international association of over 300 leading international organisations, which fund and co-operate in the development of practical, business driven solutions to information security and risk management problems. The ISF undertakes a leading-edge research programme and has invested more than US$100 million to create a library of over 200 authoritative reports along with information risk methodologies and tools that are available free of charge to ISF Members.

© 2007 Computing News