Creating a Culture of Security
Will New OECD Guidelines Make Intelligent Enterprises More Secure?
The Organization for Economic Cooperation and Development (OECD) first released security guidelines for information systems in 1992. Those guidelines assumed that all data stores were "islands" remaining inaccessible over public networks. Ten years, several international meetings with representatives of 30 member countries, an Internet revolution, and countless cyber crimes later, the OECD has published its first revision to these guidelines, OECD Guidelines for the Security of Information Systems and Networks. (See www.oecd.org.)

From the perspective of enterprise managers who have been working on the security, reliability, and confidentiality problems of doing business in an interconnected world since the early 1990s or even earlier, the OECD may appear to have come to the party late - and without a present. The guidelines are merely nine brief paragraphs that describe in vague terms how businesses, governments, and individuals all need to participate in creating a "culture of security." The guidelines, with statements such as, "Security standards policies, measures, and procedures should be coordinated and integrated to create a coherent system of security," may seem general and obvious to enterprise IT managers. But Australian government official Peter Ford, the chair of the OECD's Working Party on Information Security and Privacy, wrote, "If these principles appear to be no more than common sense, the working party will believe it has done its job."

Although self-interest may already have led you to adopt solid information system security practices, the OECD guidelines may yet benefit you. The OECD's end goal is to improve conditions for business by raising confidence in electronic commerce. By working through the governments, the private sector, and civil organizations in member and nonmember countries to improve everyone's competence with IS security, the OECD hopes to both diminish the risks of electronic commerce and boost trust in it worldwide.
Government agencies have begun trying to convert the general guidelines into policy and resources with the help of private business representatives. In the United States, the Federal Trade Commission (www.ftc.gov/opa/2002/08/oecdsecurity.htm) and U.S. Department of State (www.state.gov/r/pa/prs/ps/2002/12518.htm) have made public announcements supporting the guidelines.

Jeanette Burriesci