TERENA Networking Conference 2000    

The Changing Role of IT Security in an Internet World - A Business Perspective

Hannes P. Lubich, Bank Julius Baer, Zurich, Switzerland

IT security has come a long way since networks were first used to gain unauthorised access to computers, or distribute viruses by e-mail. While IT security was considered a nuisance and an obstacle to the free exchange of information at first, it has now moved centre-stage, defending business-critical systems from unauthorised access. However, we must re-visit the role of IT security once again, because all too often, IT security managers find themselves in the hopeless situation of trying to uphold a maximum of security, as requested from management, while at the same time they are considered an obstacle in the way of developing and introducing new applications into industrial, business and government network environments. Within this paper, some of the difficulties of providing a sustainable and acceptable level of IT security, such as technological shortcomings, business and organisational obstacles, legal and regulatory pitfalls, and societal issues, will be discussed in more detail. Based on this inventory of potential problems, key elements and roles of an organisational IT security framework, in particular the definition of an appropriate IT security management, as well as the necessary planning and realisation steps, and the integration of IT security into the organisational quality management process, will be described.

Full Paper, Slides (131KB)



Return to SessionReturn to Index