By Greg Wilson
The failure to invest in third party audits potentially leaves huges holes in network security, says local security consultancy.
Few regional organisations are investing in comprehensive security audits on their IT environment. The failure to invest in third party audits potentially results in huge holes in network security, warns experts from ComGuard, a Dubai-based security consultancy.“Often, such vulnerabilities become apparent only in the event of an attack, meaning that organizations suffer tremendous financial loss,” says Daniel Nufer, marketing director ComGuard.“Although it is important to detect vulnerabilities, and to know these security gaps in your system, it is even more important to eliminate these vulnerability gaps quickly and professionally. Risk management is really the key to understanding and preventing network intrusion and damage,” adds Nufer.Security audits usually assesses the IT infrastructure from a network perspective and a company’s policy standards along international BS7799/ISO7799 lines. Auditors define the targets of security by classifying and evaluating the information assets of an organisation. The audit produces a report about the actual security situation of the company and provides instructions to close any security loopholes.“ComGuard estimates overall security risks of an information asset belonging to the organization by evaluating security threats, which may lead to potentially damaging results to the information asset, as well as the business vulnerability of the asset itself,” comments Nufer.