RealNews

Risk management seen as key to IT security

Merrill Lynch’s security chief outlined his approach at the Premier 100 event. In IT security, emotional reactions, panic and legislation are counterproductive. But intelligent risk management can enable organizations to face an uncertain future optimistically. That was the message from Merrill Lynch & Co.’s security chief to attendees at Computerworld’s Premier 100 IT Leaders Conference here yesterday. David Bauer, first vice president and chief information security and privacy officer at Merrill Lynch, gave his audience a historical perspective on the evolution of IT security, starting with the Morris worm attack of 1988. That attack took the Internet by surprise, he said. There were no tools to fight back and no source of reliable information. Responses were uncoordinated, and the result was “complete havoc,” Bauer said. He contrasted that with the Mydoom attack last month, when Merrill Lynch combined good tools with a coordinated and carefully planned response to understand and contain the threat after just one infection. That attack, he said, was “just another event.” Full Story

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.