Stories by Martin Mooney

The ability to effectively and efficiently audit IT security has never been more important. Whether internal or external, financial or operational, business or regulatory, audits are increasingly performed of IT controls and IT security. This increase is driven by the need of the business and auditors to rely on internal controls, the requirement to effectively manage risk, along with the role of the auditor in assessing compliance with regulations, policies and standards.
IT auditors often leverage manual procedures, scripts and network vulnerability scanners when auditing technical IT security. Unfortunately, these are fraught with challenges and limitations and often create an undue burden on the auditor.

Insider fraud is where data or money is stolen from companies by internal staff or contractors who have access to internal systems and processes.
Time and time again, reports by security experts find that malicious employees or other insiders are responsible for more than half and sometimes up to 90 percent of the cases where data or money has gone missing.

To meet the demands of today’s business landscape organisations must do everything possible to secure and integrate their information assets, while satisfying compliance mandates and optimising corporate efficiency.
Files are getting larger and data transfer is a major headache for most IT departments. Large files moving back and forth between corporate groups and their datacentres account for the greatest volume of transfers: financial firms transfer checking account transactions or credit-card data; healthcare companies have to collate and synchronise data on specific procedures with the medical files; and retailers have to upload their latest sales data from their numerous stores.