Security Market Segment LS
Thursday, 14 July 2011 17:14

Network administrators given an F for (in)security

By

University researchers have found 98.8% of network switches are either inadequately patched or insecurely configured. To make matters worse, all of the organisations studied were subject to regular security audits from reputable firms!
Charles Sturt University researchers Craig Wright and Tanveer Zia have spent three years examining the relationship between IT security and systems audits.

Of the 452 network switches examined, only 1.2% were adequately patched and configured securely. It seems network administrators are doing a slightly better job on their routers, but only 3.99% were considered up to scratch.

What's really worrying is that all of the organisations studies were subject to regular security audits by reputable firms. Some were supposedly performed in line with ISO 27000 and the PCI DSS standards, yet not one check of the network equipment firmware had been made in any of the organisations for more than three years.

Dr Wright said "It may be easier to measure compliance than it is to measure security, but spending money to demonstrate compliance does not in itself provide security."

"Until we start measuring security on a constant and consistent basis and do not just take selected aspects of an organisation's cyber security in isolation, critical systems will remain at severe risk of compromise. The existing audit and compliance industry needs to change to a cyber security monitoring approach as point-in-time solutions continue to fail us again and again," he added.

Dr Wright believes at least part of the problem is that "checkbox processes" have pushed real security efforts into the background.

In addition to his position at Charles Sturt University, Dr Wright is the Australia and Asia Pacific director of the Global Institute for Cybersecurity and Research (GICSR).

 

Read 4014 times

Please join our community here and become a VIP.

Subscribe to ITWIRE UPDATE Newsletter here
JOIN our iTWireTV our YouTube Community here
BACK TO LATEST NEWS here




EXL AI IN ACTION VIRTUAL EVENT 20 MARCH 2025

Industry leaders are looking to transform their businesses and achieve measurable outcomes with AI.

As organisations across APAC navigate the complexities of AI adoption, this must-attend event brings together industry leaders, real-world demonstrations, and visionary panel discussions to bridge the gap between proof-of-concepts and enterprise-wide AI implementation.

Learn how to overcome common challenges in deploying AI at scale.​

Unlock cost savings, efficiency, and better customer experiences with AI.

Discover how industry expertise and data intelligence enable practical AI deployment.

Register for the event now!

REGISTER!

PROMOTE YOUR WEBINAR ON ITWIRE

It's all about Webinars.

Marketing budgets are now focused on Webinars combined with Lead Generation.

If you wish to promote a Webinar we recommend at least a 3 to 4 week campaign prior to your event.

The iTWire campaign will include extensive adverts on our News Site itwire.com and prominent Newsletter promotion https://itwire.com/itwire-update.html and Promotional News & Editorial. Plus a video interview of the key speaker on iTWire TV https://www.youtube.com/c/iTWireTV/videos which will be used in Promotional Posts on the iTWire Home Page.

Now we are coming out of Lockdown iTWire will be focussed to assisting with your webinars and campaigns and assistance via part payments and extended terms, a Webinar Business Booster Pack and other supportive programs. We can also create your adverts and written content plus coordinate your video interview.

We look forward to discussing your campaign goals with you. Please click the button below.

MORE INFO HERE!

BACK TO HOME PAGE
Published in Security
Tagged under
Stephen Withers

Stephen Withers is one of Australia¹s most experienced IT journalists, having begun his career in the days of 8-bit 'microcomputers'. He covers the gamut from gadgets to enterprise systems. In previous lives he has been an academic, a systems programmer, an IT support manager, and an online services manager. Stephen holds an honours degree in Management Sciences and a PhD in Industrial and Business Studies.

Latest from Stephen Withers

Related items

More in this category: « Microsoft Patch Tuesday: four security bulletins Phishers getting their hooks into MobileMe »
Share News tips for the iTWire Journalists? Your tip will be anonymous
back to top

Subscribe to Newsletter

*  Enter the security code shown: img0

WEBINARS & EVENTS

CYBERSECURITY

PEOPLE MOVES

GUEST ARTICLES

Guest Opinion

ITWIRETV & INTERVIEWS

RESEARCH & CASE STUDIES

Channel News

Comments