Advertisment

Security - part of corporate DNA

author-image
CIOL Bureau
Updated On
New Update

NEW DELHI: Mary Ann Davidson, Chief Security Officer, Oracle Corporation, while giving a talk on 'Making Security part of corporate DNA', said that 9/11 has been an eye opener for companies regarding the security of their databases. The incident increased their concern for security and they are now waking up to the fact that their databases are vulnerable to attack both from the outside as well as inside.



Governments have been very active in forming directives regarding security all over the world. Other industry trends include introduction of 'hacker insurance', application hosting environments and formation of industry ISACs (Information Sharing and Analysis Centers).



Davidson felt that information security is needed now more than ever, but there are many factors, which conspire against it. Giving the reasons about security being a part of corporate DNA, Davidson said that it is the corporate culture that ultimately sets the course for process, people, plans, policies, etc. But there are a lot of cultural challenges in doing so like time-to-market, ignorance, implementation and attitudinal problems.



The remedy to overcome all these problems is fostering security which could be done by making corporate security policies, making the employee more aware, forming a management committee, making security more visible and rationalizing the organization where appropriate.



Taking the example of Oracle she said that building a secure product involves many steps including secure product development, information assurance - independent security evaluations and product assessments, incident response and secure configuration.







Mentioning ways to improve a company's DNA, she said that extending processes everywhere -even to non-product areas and having a continuous process of product improvement could make this possible.

tech-news