Subscribe in a reader

Navigation

Security Profile: Ted Demopoulos – Information security expert, blogger and author

Submitted by Kai on Wed, 2007-04-18 12:00.

Ted is one of those persons with strong feelings of right and wrong. This is especially shown trough his involvement in the security business. He has over 25 years of experience from IT and business, including a Security company start-up.

Read more about Ted and his background on his website 

Ted DemopoulosI had the great pleasure to communicate with Ted. As we are both passionate about Information Security and business development, we soon realized we share a few thoughts.

Upon describing Information Security, Ted said:  ”The goal of information security is very simple; to keep business processes robust and reliable by managing risks, in other words to keep the business running smoothly. Information security is unfortunately often thought of as a "technology issue" and only of concern to "security" personnel, i.e. people with "security" in their title, but that is enormously inaccurate!” 

What about technology? Many people seem to believe IS is the same as IT security?

Ted explains:”Technology can and does help a lot, but the human element is critical as well. Technology can only do so much. For example, regardless of any technology in place, if users readily give away their password or if physical security is lax and almost anyone can physically get access to critical computers, technology is of little benefit. Security is everyone's concern.”

Business impact

Ted continues that Information security is a business concern. The key impacts of IS on the business includes:
  • Keeping the business running smoothly. This includes managing risks from incidents such as cyber intrusions, IT accidents, and natural disasters, as well as disaster recovery when something catastrophic does happen, for example Hurricane Katrina
  • Protecting the brand of the business. For example in the recent TJX fiasco and the loss of millions of personal records, TJX's brand has been damaged. Their reputation has been sullied.
Will this lead to an actual loss in sales and revenue? “My wife has certainly stopped patronizing several TJX companies and so have many other consumers. An open question is how significant their loss of reputation and brand damage is.” Ted explains.

The year 2007

I asked Ted to name three major concerns for 2007. He believes these will be important in 2007:  
  1. Regulatory compliance. More and more businesses are being affected by regulations, whether the regulations directly apply to a business or indirectly due to a partner who is directly affected. This can be a significant challenge due to "vague" regulations. For example, the US Sarbanes Oxley refers to "controls" yet never gives a definition of "controls"!
  2. Cyber crime. Most cyber crime is no longer committed by the equivalent of teenage vandals, who previously might have broken windows and spray painted their school. Most Cyber crime is committed by for-profit criminals, and businesses are often targeted. The US FBI says that there is now more money in cyber crime than in the illegal drug trade!
  3. The biggest challenge: Securing a moving target. The way we use data, store data, access data, and more is changing very rapidly. This data is at the core of many businesses, and securing something that is changing rapidly is an enormous challenge.

Ted has his website with information about him and his company. He also has a blog about blogging for business, and is well known author and speaker.  

Homepage 

Blogging for business 

Post new comment

The content of this field is kept private and will not be shown publicly.

Recent comments

Recent blog posts

more


The blogger is Kai Roer, a European Information security professional.

View Kai Roer's profile on LinkedIn

Resources

www.isc2.org


Kai's training blog

Explore Security Bloggers Network (a FeedBurner Network)

Blog Network:
Blog Networks