"Complacent": the verdict on IT directors' anti-virus strategies

IT directors are becoming complacent about viruses because there hasn't been a Melissa-scale attack recently, according to security vendor McAfee.

The director of McAfee's outsourced service division Sal Viveros said research by the firm proves that IT directors are resting on their laurels when it comes to anti-virus protection.

He said: "Over the last two years we've seen a big virus every three months on average. Now there hasn't been one for six months, and IT managers are getting complacent."

He said that IT directors who busy fire-fighting daily issues aren't being proactive enough about security, and particularly viruses, by getting policies and procedures in place.

McAfee's research found that while nearly 90 per cent of IT directors thought they had adequate resources for IT security, 30 per cent had nevertheless suffered downtime due to a virus attack in the last year.

"Our figures show complacency is becoming more and more of an issue. The focus has moved away from viruses so it's just human nature that it's not as high priority at work, " Viveros said.

However, IT directors rejected Viveros' conclusions. David Rippon, chair of IT directors' association Elite, took a cynical view of the research: "Are McAfee perhaps seeing a downturn in anti-virus sales? Are they trying to ramp sales by any chance?

"Security is always important, and IT directors know this. We don't spend every waking hour thinking about it, but neither should we about any one thing."

Brendan Major, head of information services for the NSPCC, said: "It's certainly not my sense that there is any complacency. IT directors do take it seriously, but some are swamped by the difficulty of obtaining a secure environment."

The research also showed continued resistance to the idea of outsourcing security to a third party.