SOX, Lies and Security Matters
by Nick Lowe - Check Point - Monday, 8 September 2008.
Security incident definition

COBIT advises that companies should clearly define and communicate the characteristics of potential security incidents so that they can be properly classified and treated by the incident and problem management process. It's important to choose a solution that provides comprehensive support for the identification, handling and reporting of security incidents. It is possible to analyse log data in near real-time to identify significant threats across the network, and to preset software to generate alerts so that appropriate action can be taken to mitigate the detected threat.

Malicious software prevention, detection and correction

COBIT argues that putting preventive, detection, and corrective measures in place across the organisation (especially up-to-date security patches and virus control) protects information systems and technology from malware. Finding a solution that includes integrated, high-performance antivirus technology to detect and eliminate malware from endpoint PCs will help to combat this. Virus detection is based on a combination of signatures, behaviour blockers and heuristic analysis that together enable your network environment to attain one of the industry's highest detection rates.

Network security

Security techniques and related management procedures are suggested, e.g. firewalls, security appliances, network segmentation or intrusion detection, to authorise access and control information flows from and to networks. Companies should attempt to find a solution from which administrators can centrally manage, approve, view network topology, and verify all external network connections and changes to the firewall configuration.

Exchange of sensitive data

It is vital to only exchange sensitive data over a trusted path or medium with controls to provide authenticity of context, proof of submission, proof of receipt and non-repudiation of origin. Solutions that deliver a high level of data security by providing strong, full-disk encryption for PCs and laptops as well as access control are certainly the best for this objective. They are able to ensure the secure exchange of sensitive data by ensuring the integrity and authenticity of data. Certain sensors also offer inline detection and alerting on defined data structures such as personal identification numbers, personal health information or files marked as confidential.

Performance assessment

COBIT advises periodically reviewing performance against targets, to analyse the cause of any deviations and initiate remedial action to address the underlying causes. It also suggests that companies should develop senior management reports on IT's contribution to the business and solicit feedback from management. From this, organizations can identify and initiate remedial actions based on performance monitoring, assessment and reporting. It's wise to find a solution to help with this, giving the company a holistic view of their security and network-activity trends. Consistent presentation of data across the business enables more effective data analysis and response.

Time to comply

SOX section 404 provides a turning point for most IT organizations in their efforts to develop, and document, the IT security controls and processes needed to support financial reporting. Protecting the integrity of information, and controlling access to resources, not only keep the company's data safe but also fulfill compliance demands. The right security solutions can be leveraged to help fulfill many specific COBIT Control Objectives, to form the foundation for compliance with requirements set out in SOX Section 404. And with these in place, you and your Board can rest a little easier, assured that you have a compliant, robust infrastructure, from the perimeter to the endpoint.

