Companies would be better advised to outsource security to experts rather than manage it in house, but experts insist that internet service providers (ISPs) should be more responsive to security needs.
Speaking at the ISPCON event in London today (12 February), Richard Ayres, business development manager at antivirus expert Trend Microsystems, said that outsourcing gave security vendors the opportunity to stop viruses at source, but that ISPs were guilty of passing the buck.
Ayres explained: "Companies should have layered protection, ideally stopping potential threats at the gateway, but why not take it one level up and get the service provider to do it?
"ISPs have traditionally been reluctant to deal with security issues, preferring customers to deal with it themselves. But if we compare that scenario with, for example, a utility company, if I'm buying water from that company then I can expect it to be cleaned at source. It's the same with an ISP."
Dr Jeremy Ward, of security experts Symantec, agreed that outsourcing security was better for businesses than managing it in house.
"No one can guarantee 100 per cent security against an unknown enemy," he said. "But compare the service level agreement from the service provider to what you would achieve managing it in house and you will see benefits. Added to this, by shifting the risk you can always blame the service provider if anything goes wrong."
One business manager commented that service providers should provide ample compensation for downtime. "It's my company's name that will get dragged up in the papers, not the service provider," he maintained. "I would like to see fiscal reimbursement in that scenario."
Analyst group IDC estimates that $10bn will be spent on global IT security this year.
Geoengineering on the sea floor near glaciers would form a new ice shelf to prevent melting
Alterations in capillary blood flow can be caused by body position change
Curiosity rover is in 'normal mode' but not transmitting scientific data back to base
NatWest outage comes a day after Barclays' IT systems shut out customers and staff