David Daniels, an InfraGard board member and co-owner of a Bixby-based Web hosting company, Internetworks, thinks businesses are taking more initiative to protect themselves. Firewall and anti-spyware products are going in the shopping cart with new computers.
"Two or three years ago, I heard a lot of individual clients who said they don't care if someone else sees their stuff," Daniels said. "That turned around two years ago, when worms took over other people's computers and were sending out spam."
Digitical Forensics Professionals, founded in 2004, works closely with banks, oil and gas companies and other sectors, along with local police departments and the Oklahoma State Bureau of Investigaiton.
According to Manes, insiders with too much access to data are the biggest liability to Oklahoma businesses. IT staff should be closely monitored, Manes said, since they "have the keys to your kingdom. You've got to lock down the perimeter and look at who's getting access."
Another mistake, Manes said, is that businesses don't enforce their computer use policies. For example, employees who e-mail themselves work files and information to Hotmail or Yahoo accounts at home are taking their work outside corporate protection, he said.
Managers should also tailor their computer-use policies to the needs of their business.
"There's a right fit for your company. And it doesn't come from going to a Web site and downloading someone else's computer use policy in your industry and saying, 'Bam, now I've got a policy,' " Manes said.
Cyber terrorism is another major concern for businesses.
In theory, anyone with knowledge and a satellite phone could cause power and phone outages, adversely impact refinery operations, fire missiles from a Navy ship or shut down FAA systems -- affecting not just four planes, but 400 or even 4,000 at a time, Oklahoma's Joint Homeland Security Task Force has said.
The TU Cyber Corps program has been training what it calls "elite squadrons" of computer security experts to be the country's first line of defense against global cyber threats. The program has received millions of dollars in federal grants.
The Center for Information Security, which provides institutional research, education and outreach efforts in information assurance and forensics, is also located at the university and is the lead agency for Cyber Corps.
TU's Shenoi said there's still a lot of room for improvement.
"If you protect the hardware and software, but not data and people, you'll still have a problem," he said.
<<Tulsa World (OK) (KRT) -- 07/24/06>>