Learn how to get the best from your IT research and analyst partners by participating in an educational seminar lead by GSK’s ex-head of external information resources, Dr Tony Law.

At the session, Dr Law will be explaining how he managed his research partners at global pharma giant GSK, how he distributed and cascaded relevant information within the organisation and how he made his supplier selections.

He’ll be passing on his expertise so delegates can understand how such sources of intelligence can be used within and tailored to their own organisation.

Taking place on the 24th September 2008, the event is open to Forum subscribers and non-subscribers. To attend, click here for more information or call 01442 866 634.

Instant messaging (IM) is not yet viewed as a ‘secure medium’ for external communication - according to security chiefs.Chief security officers (CSOs) taking part in a recent Security Forum workshop all voiced concern about the security and reputational issues that can come about through giving staff unregulated access to IM.

Whilst some CSOs tolerate limited internal use of IM applications, many are concerned that IM is tough if not impossible to audit.

CSOs advise that in terms of IS policies, IM should be give the same status as a telephone call (in that it cannot be recorded and would not stand up in court as evidence) and that if deployed externally should only be considered for use with highly trusted third parties.

IT security often stands a better chance of being listened to by the business if it’s located outside the IT department - according to chief security officers meeting in a recent Corporate IT Forum security workshop.

Security chiefs taking part in the wide ranging debate reported that when Information Security ‘sits’ within IT, it can mean that business managers - often unfairly - perceive that security professionals are too close to their IT colleagues.Being seen to be too close can lead to business managers worrying that objective decisions - especially around in-sourcing and outsourcing options - become subjective and personal.

Whilst close and constructive links will always be needed between IT and Information Security, many CSOs consider that where possible, Information Security should not report into the CIO.

Where unavoidable, security chiefs recommend clear and unambiguous walls between the two departments and a clear definition of the two disciplines.

As businesses suffer from a harsh economic climate, it seems that many are looking to take bigger business risks for larger returns - and to dramatically cut costs for ‘non-essential’ security plans and procedures.

Whilst it’s entirely understandable that business managers will be searching for high-risk opportunities that can help them beat the competition - security chiefs are warning that this must not be done at the expense of security planning.

Sharing their expertise at a recent tISS Security Forum, chief security officers (CSOs) from major blue-chip organisations stressed that disaster recovery and security planning must not be seen as being “nice to have” elements of any corporate strategy.

Many CSOs voiced concern that their IS teams were already feeling the strain - due to their work being less visible than other departments - and that skimping on IT security further would damage their organisations’ protection.

Whilst CSOs are realistic that having ‘gold plated’ security is not appropriate for many struggling companies, they were worried that IT security shouldn’t be thought of as optional or only necessary for the good times.

Participants were all concerned that many business managers were not aware of the reputational damage that security breaches can have for a brand.

Speaking at the Forum, one CSO said: “We’re finding that once we’ve said “no” to a project because of the IT security risks involved, people are increasingly trying to go round us to force their project through. We’ve got to get better at explaining the importance of security to the business and making security a positive issue.”

According to press reports, SAP’s changes to its support service contracts could see costs increase from 17 per cent of contract value to 22 per cent.

However, initial research among the Forum indicates that awareness of the changes is low and among those that have been told, frustrations are high.

Many feel that the price hikes are totally unjustified - especially at a time when all businesses are feeling the economic pinch.

So, if you know about the changes do you think they are fair? What will be the impact on your business and what collective Forum actions would you encourage?

Consumers have seen increased competition in the telecoms market and a genuine choice of products and tariffs as a result - so why hasn’t the same happened for corporate customers?

[Read more →]