Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

  1. Home
  2. Careers-and-certifications
  3. Security-regs-could-create-cyber-havens
  4. Page
  5. Security Regs Could Create 'Cyber Havens': Page 2 of 2
Careers and Certifications

Security Regs Could Create 'Cyber Havens': Page 2 of 2

A new report on network security threats says that if some countries adopt tougher security and user privacy regulations, companies may look for cloud service providers in countries where it is cheaper but with lax security. It’s what the Information Security Forum (ISF) calls "cyber havens." The ISF also warns that regulations that impose more disclosure of security weaknesses in the name of transparency may have the unintended effect of inviting cyberattacks on them.
April 04, 2012

"I can imagine a situation where a cloud provider decides they’re going to set up shop in a cyber haven. They’re offering a service at a much reduced rate [compared] with someone who’s operating in a much more regulated environment," he says.

Small to midsize businesses looking to save money could be lured by a lower-cost service provider, perhaps not knowing the risk they may be taking. Durbin warns companies to be sure to ask the right questions of their prospective cloud provider. There’s also the risk that they may be a United States or an EU-based company that is unknowingly doing business with a provider that operates in a cyber haven.

"You could be moving into a bit of a minefield, and bear in mind that a lot of these cloud services are not bought by information security professionals; they are bought by business people on credit cards," he says.

To be sure, the information security industry continues to innovate to make networks safer, including those of cloud service providers. Data center services provider Equinix and infrastructure-as-a-service provider Tier 3 recently announced a partnership to run a private cloud computing environment on a public cloud service, allaying the security concerns of customers about operating in a multitenant environment.

Learn more about Strategy: Choosing the Right Vulnerability Scanner for Your Organization by subscribing to Network Computing Pro Reports (free, registration required).

Tags:

News
Careers and Certifications
Networking
Cloud Infrastructure