Testing for Security Vulnerabilities
Brendan McGarrity, the company's Head of Risk & Design, says many organisations focus too narrowly on obvious sources of security vulnerability, including the integrity of their IT networks, rather than taking a bigger view that recognise issues that may arise from technology used to provide physical security, such as CCTV cameras.
Commenting on the UK government's recent decision to proceed with contracts for the supply of 5G data network equipment from Chinese telecoms giant, Huawei, McGarrity says:
"The industry well knows which manufacturers’ equipment present the greatest risk of providing the ‘back door’ into a company’s IT infrastructure. The simple act of failing to change the default password at the point of installation creates enormous risk.
"Of course, this does not mean that such equipment does not have its place in the security industry as risk has to be proportionate. But it does mean that for higher-end, Enterprise-wide systems, integrators need to be more circumspect in the technology that they specify, and in the testing that they undertake.”
"IT people are not security experts, however, and security people tend not to be IT experts. So it is vital that both parties work together to achieve the outcomes they are looking for."