Few organisations invest in security audits warns ComGuard

The failure to invest in third party audits potentially leaves huges holes in network security, says local security consultancy.

  • E-Mail
By  Greg Wilson Published  August 13, 2002

Few regional organisations are investing in comprehensive security audits on their IT environment. The failure to invest in third party audits potentially results in huge holes in network security, warns experts from ComGuard, a Dubai-based security consultancy.

“Often, such vulnerabilities become apparent only in the event of an attack, meaning that organizations suffer tremendous financial loss,” says Daniel Nufer, marketing director ComGuard.

“Although it is important to detect vulnerabilities, and to know these security gaps in your system, it is even more important to eliminate these vulnerability gaps quickly and professionally. Risk management is really the key to understanding and preventing network intrusion and damage,” adds Nufer.

Security audits usually assesses the IT infrastructure from a network perspective and a company’s policy standards along international BS7799/ISO7799 lines. Auditors define the targets of security by classifying and evaluating the information assets of an organisation.

The audit produces a report about the actual security situation of the company and provides instructions to close any security loopholes.

“ComGuard estimates overall security risks of an information asset belonging to the organization by evaluating security threats, which may lead to potentially damaging results to the information asset, as well as the business vulnerability of the asset itself,” comments Nufer.

Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code