ISACA Praises Australia's Change Your Password' Day – Recommends That Other Countries Follow Suit
London, UK, June 2009 (Eskenzi PR) – ISACA, formerly known as the Information Systems Audit and Control Association, a not-for-profit organisation that seeks to encourage best practice in the IT security industry, has applauded the National e-Security Awareness Week initiative taking place in Australia.
"We are particularly impressed with the national Change Your Password day, which aims to encourage all IT users to change their password to at least eight characters," said Jo Stewart-Rattray from ISACA’s international Security Management Committee and President of the Adelaide Chapter of ISACA.
"The Change Your Password day - which is being publicised by Ministers and IT security companies across Australia - is a splendid illustration of what can happen when private and public sector organisations co-operate effectively," she said.
According to Stewart-Rattray, there are software packages available whose application uses video cards to significantly increase the speed of brute force password decryption routines, mean that passwords of fewer than eight characters are potentially vulnerable to this type of decoding.
As a result, she explained, the Australian initiative - which also encourages IT users to switch to a mixture of upper- and lower-case alphanumeric characters - is an excellent way of explaining to end users the need to boost security on e-banking and other online systems.
Crakers (Criminal Hackers), she said, are no longer the altruistic bunch of programmers seen in movies such as 'Sneakers,' the 1992 cracking movie starring Robert Redford.
Today's crakers are a professional bunch, often with organised criminal backing, whose day job is focused entirely on extracting revenue - usually unlawfully - from anyone or any company that fails to secure their IT systems properly.
"Good password management is essential to preventing crakers completing their aims. This is why we're pleased to lend our support to this Australian initiative and encourage similar moves elsewhere in the world” said Stewart-Rattray, “COBIT Security Baseline which is free to download from www.isaca.org/cobitpubs, advises users to change passwords immediately upon receipt and then regularly in accordance with policy, ensure that the chosen password is difficult to guess and meets established best practices for length, complexity, unacceptable names, etc."
For more on the Australian e-Security week initiative: http://preview.tinyurl.com/nf2swo
With more than 86,000 constituents in more than 160 countries, ISACA® (www.isaca.org) is a leading global provider of knowledge, certifications, community, advocacy and education on information systems assurance and security, enterprise governance of IT, and IT-related risk and compliance. Founded in 1969, ISACA sponsors international conferences, publishes the ISACA® Journal, and develops international information systems auditing and control standards. It also administers the globally respected Certified Information Systems Auditor™ (CISA®), Certified Information Security Manager® (CISM®) and Certified in the Governance of Enterprise IT® (CGEIT®) designations.
ISACA developed and continually updates the COBIT®, Val IT™ and Risk IT frameworks, which help IT professionals and enterprise leaders fulfill their IT governance responsibilities and deliver value to the business.
For more on ISACA: http://www.isaca.org/
<>