In case of doubt the management is liable

		NEWS

silicon.de 23.7.2004

Silicon.de is reporting about their security study, which brought to light, that about 15 percent of the asked companies saw DoS-attacks (Denial of Service), 29 percent saw data loss, and 10 percent the temporary loss of system integrity. Each 20th company was confronted with fraud and data theft.

Inadequate measures are discussed mostly only considering direct financial loss or damaged image, which the company is suffering by disclosure or manipulation of business data. But there are also legal consequences, explains Ulrich Emmert (lawyer) of "esb Rechtsanwälte" in Stuttgart.

It is not necessary to use Basel II to corroborate this fact. Basel II is regulation of the international bank supervision. Also existing laws in Germany, UK, or USA show the responsibility of the CEOs of the companies for IT resp. data security, even liability with personal assets is possible.

It has to be said, that not only big companies have to establish strong IT security measures, also small and middle companies are recommended to don't act in ostrich policy.

The whole article on Silicon.de

Linktipps

	Article on silicon.de (german)
	Security Governance in the Cryptoshop Knowledge Base
	Risk Management in the Cryptoshop Knowledge Base

Windows Server 2003 is ISIS-MTT certified Microsoft Windows Server 2003 is vested with ISIS-MTT-Seal. This is a initative of the german ministry of economics and labour for a mandatory standard for signatures, secure e-mail and secure document handling compliant to the requirements of eGovernment-applications.