Govt to certify security providers

The government is discussing the possibility of making IT security provision certification mandatory, in an effort to maintain quality control and develop a more responsibly-minded sector.

The Australian Information Industry Association (AIIA) has been hounding the government to install an appropriate security regime for some time, according to Michael Hedley, corporate relations manager for the AIIA.

This pressure resulted in the development of the PKI (personal key identification) gateway, however this is only the tip of the iceberg according to Hedley.

"The discussions around security involve a myriad of issues including liability, final responsibility, working with the US and other international entities to formulate a suitable system of regulation - regardless of whether Australia has enough skilled people to service this sector," said Hedley.

Preliminary blueprints to make IT security certification mandatory via legislation have been well received by security resellers who are increasingly nervous about being left holding the can on the liability front.

With the dramatic increase of financial and health services going online, Glen Miller, managing director of e-distributor Janteknology, said there is more need than ever, to ensure that the people giving advice are qualified to do so.

Miller said there is a lot of money to be made in IT security and a lot of it will be wasted in useless investments.

"Hot sectors attract cowboys, and that doesn't do any good for the guys who want to be around in a year's time," he said. "Anyone can set themselves up as a security provider, despite the fact they could have been selling dolls eyes, the day before."

However, the channel has only a brief window of opportunity to get their opinion heard before decisions are wrested from their control. Insurance companies have caught whiff of an added revenue stream and are closing in on the e-risk element of corporate networks. The Insurance Council of Australia began circulating e-commerce risk assessment tables earlier this year, which gauge vulnerability based on the impregnability of specific platforms.

More about: AIIA, Australian Information Industry Association, Gateway, Insurance Council of Australia, Janteknology, ProVision

Comments

Post new comment

The content of this field is kept private and will not be shown publicly.
Users posting comments agree to the Computerworld comments policy.
Login or register to link comments to your user profile, or you may also post a comment without being logged in.
Related Whitepapers
Latest Stories
Community Comments
Whitepapers
All whitepapers
Sign up now to get free exclusive access to reports, research and invitation only events.
Featured Download
/downloads/product/14/gimp/

GNU Image Manipulation Program (GIMP)

When you think Open Source software, you may think of half-baked programs too hard to use, or perhaps lacking power. Well, think again. This Open ...

Computerworld newsletter

Join the most dedicated community for IT managers, leaders and professionals in Australia