Security may be worth the investment but ask what exactly you’re getting

Over the last month, telecom and IT networking vendors have been placing far more emphasis on security. It has almost become a game of one upmanship. One vendor says security is a big problem, and then another vendor comes along and says, “”It’s not just a big problem; it’s a huge problem.””

Last

month, Symantec CEO John Thompson warned it won’t be long before hackers launch an attack the day someone discovers a security vulnerability, rather than six months later (please see story, page 8).

One might expect the CEO of a software security maker to warn companies about security threats, but it’s not just the security specialists (such as Symantec, McAfee, Fortinet and BorderWare) who are sounding the alarm. Cisco Systems Inc. and Bell Canada are also catering to businesses’ fears of attacks on their networks.

Bell, for example, has launched Bell Canada Security Solutions Inc., a subsidiary that focuses exclusively on security (please see story, page 10).

Meanwhile, Cisco Systems Inc. released the 10 products of its “”self-defending network”” strategy at the RSA Security Conference in San Francisco (please see story, page 10). Cisco’s strategy includes application security, controlling the network and combining different functions (such as intrusion prevention, firewall, anomaly detection and anti-spyware) into one device.

Most of the time, when vendors launch security products or initiatives, they present charts showing the cost of security breaches — due to downtime, lost business and other damages.

Before you sign a service contract with a major contractor or buy the latest and greatest security appliance, ask the provider a few questions. What specific threats will the product or service protect you from? Does the vendor offer money back if the product doesn’t work? What sort of guarantees are provided? Don’t be surprised if the vendor doesn’t guarantee anything. If this happens, it doesn’t mean it’s a bad idea to buy the product. But it might change your return on investment calculation — instead of preventing an attack that would cost $1 million, you’re only reducing the probability of a loss.

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication. Click this link to send me a note →

Jim Love, Chief Content Officer, IT World Canada

Related Tech News

Get ITBusiness Delivered

Our experienced team of journalists brings you engaging content targeted to IT professionals and line-of-business executives delivered directly to your inbox.