Download our in-depth report: The Ultimate Guide to IT Security VendorsAs 2005 comes to a close, what have we learned and implemented to assistus in managing our information security? And what does the future holdfor us who live and work in this information assurance space?
Let's start at the turn of the millennium: Almost six years ago, duringthis same time period, people all over the world were wondering if wewould technically survive the turning of the new century. Old Cobol andFortran programmers were called back to work, and many people rang in theNew Year staring at computer screens. And yet, nothing really happened.Was it because of the preparation for the event or would the computershave kept running without noticing a change in their date/time banks? I'mnot sure we ever will really know that answer.
Then in 2001, we had the terrorist attacks on the U.S. which shook theworld. And we learned our contingency plans and disaster recovery effortsrequired more than they had been covering. Our business continuity plansneeded to address more than fires in the building and updated backuptapes. They need to address business functions, hot/warm sites, andpersonnel.
A few years back, 2002 brought us Web Services, and all the securityissues that went with it. Then 2003 and 2004 introduced new securitythreats, such as spam and phishing. Identify theft through computers washuge, as were the SQL Slammer and MS Blaster worm attacks. Security typesworked hard to come up with new policies and regulations to try andaddress some of these issues.https://o1.qnsr.com/log/p.gif?;n=203;c=204650394;s=9477;x=7936;f=201801171506010;u=j;z=TIMESTAMP;a=20392931;e=i During 2005, did we embrace our information assurance policies andenforce the rules? Did our renewed contingency planning and disasterrecovery efforts help when disasters struck? Have we, as informationassurance professional, kept pace with technology, and those who would domalicious harm to our systems?
Here are some of the highlights so you can make your own informedopinions:
I continue to be optimistic that information assurance will rise inimportance, and business management will understand why we need to havesecurity in our systems and networks. I also believe that as securityprofessionals we will figure out how to enforce our security policies andprocedures.
Most of all, I wish you all a safe and secure new year!