Forum for Science, Industry and Business

Sponsored by:     3M 
Search our Site:

 

Wake-up call to business: tighten up on information security

01.07.2008
Britain’s economic progress at risk because the enterprises on which it depends are not doing enough to stop cyber crime and human error from damaging or even hi-jacking the vital business information, according to research funded by the Economic and Social Research Council. Companies confusing Information Technology with Information Security need to rethink their strategy.

According to the Department of Trade and Industry there are 4.5 million businesses in the UK of which 99.3% are small to medium sized enterprises (SMEs), employing 0-49 employees. These comprise 58.9% of the total workforce of 24.4 million and account for 51.9% of the £2,600 billion UK turnover. Bruce Hallas, a specialist in information security, said “SMEs are particularly prone to poor or even non-existent information security.

As awareness of the importance of information security increases, the SMEs stand to lose competitiveness, potentially losing contracts with existing clients and suffering the financial consequences that are increasingly arising from information security incidents.”

An over reliance on Information Technology (IT) has developed over recent years. According to Hallas, this is the result of confusing Information Technology with Information Security (IS). With ‘insufficient’ money to invest in expensive information security expertise, many SME’s are investing heavily in IT in the mistaken belief that IT will ensure IS. “Yet the largest business drivers for security investment are contractual, regulatory, market pressures from consumers, corporate clients and the public sector. Not the typical domain of IT. The biggest security vulnerability lies with people,” Hallas says. “Security is about managing the risk from people, both known and unknown, interacting with your information and information systems. It is more about people management than technology.”

Tyler Moore of the Computer Laboratories, University of Cambridge expanded, “Information security is now a mainstream political issue, and no longer the province of technologists alone,” he said. “People used to think that the internet was not secure because there was not enough of the right technology, not enough sophisticated cryptographic mechanisms, authentication or filtering etc. so advanced encryption, public key infrastructure and firewalls were added. The internet did not get any safer,” he added. “In 1999 it became clear that even the latest and greatest technology will not solve all our problems if those who protect and maintain them are not sufficiently movitated. The issue is one of incentives.”

The impact of an under-incentivised workforce can have devastating consequences in business such as denial of service attacks allowing viruses to infect the IT system, hospitals putting access to data above patient privacy, bank customers suffering phishing attacks by poorly designed banking systems.

“Economics can explain many of the failures and challenges in a new way” Tyler Moore said. “As companies are beginning to realise the value of good information security practice so security measures are being used not only to manage the evils of the attackers but also to support the business models of companies.”

Now that the Achilles heel of the information security problem has been identified, companies, especially banks, often fight shy of divulging information about attacks, whether they have been successfully repelled or not because the information concerned may be sensitive.

Help is at hand in the form of a new report “Security Economics and the Internal Market” which outlines police options regarding the economic problems in providing IS.

The report’s first recommendation is for the EU to issue a comprehensive breach notification law to notify consumers when their details have been compromised so they can protect themselves.

FOR FURTHER INFORMATION, CONTACT:
For a copy of the brochure please contact:
Kirsty Johnson( email: knowledgetransfer@esrc.ac.uk)
Nigel Jones, Cyber Security Knowledge Transfer Network (KTN)
(email : NAJones1@qinetiq.com)
ESRC PRESS OFFICE:
Kelly Barnett (Tel: 01793 413032 / 07826874166, email:kelly.barnett@esrc.ac.uk)
Danielle Moore (Tel: 01793 413122, email: danielle.moore@esrc.ac.uk)

Danielle Moore | alfa
Further information:
http://www.esrcsocietytoday.ac.uk

More articles from Information Technology:

nachricht Bursting the clouds for better communication
18.10.2018 | Université de Genève

nachricht Research on light-matter interaction could improve electronic and optoelectronic devices
11.10.2018 | Rensselaer Polytechnic Institute

All articles from Information Technology >>>

The most recent press releases about innovation >>>

Die letzten 5 Focus-News des innovations-reports im Überblick:

Im Focus: Goodbye, silicon? On the way to new electronic materials with metal-organic networks

Scientists at the Max Planck Institute for Polymer Research (MPI-P) in Mainz (Germany) together with scientists from Dresden, Leipzig, Sofia (Bulgaria) and Madrid (Spain) have now developed and characterized a novel, metal-organic material which displays electrical properties mimicking those of highly crystalline silicon. The material which can easily be fabricated at room temperature could serve as a replacement for expensive conventional inorganic materials used in optoelectronics.

Silicon, a so called semiconductor, is currently widely employed for the development of components such as solar cells, LEDs or computer chips. High purity...

Im Focus: Storage & Transport of highly volatile Gases made safer & cheaper by the use of “Kinetic Trapping"

Augsburg chemists present a new technology for compressing, storing and transporting highly volatile gases in porous frameworks/New prospects for gas-powered vehicles

Storage of highly volatile gases has always been a major technological challenge, not least for use in the automotive sector, for, for example, methane or...

Im Focus: Disrupting crystalline order to restore superfluidity

When we put water in a freezer, water molecules crystallize and form ice. This change from one phase of matter to another is called a phase transition. While this transition, and countless others that occur in nature, typically takes place at the same fixed conditions, such as the freezing point, one can ask how it can be influenced in a controlled way.

We are all familiar with such control of the freezing transition, as it is an essential ingredient in the art of making a sorbet or a slushy. To make a cold...

Im Focus: Micro energy harvesters for the Internet of Things

Fraunhofer IWS Dresden scientists print electronic layers with polymer ink

Thin organic layers provide machines and equipment with new functions. They enable, for example, tiny energy recuperators. In future, these will be installed...

Im Focus: Dynamik einzelner Proteine

Neue Messmethode erlaubt es Forschenden, die Bewegung von Molekülen lange und genau zu verfolgen

Das Zusammenspiel aus Struktur und Dynamik bestimmt die Funktion von Proteinen, den molekularen Werkzeugen der Zelle. Durch Fortschritte in der...

All Focus news of the innovation-report >>>

Anzeige

Anzeige

VideoLinks
Industry & Economy
Event News

Conference to pave the way for new therapies

17.10.2018 | Event News

Berlin5GWeek: Private industrial networks and temporary 5G connectivity islands

16.10.2018 | Event News

5th International Conference on Cellular Materials (CellMAT), Scientific Programme online

02.10.2018 | Event News

 
Latest News

Nanocages in the lab and in the computer: how DNA-based dendrimers transport nanoparticles

19.10.2018 | Life Sciences

Thin films from Braunschweig on the way to Mercury

19.10.2018 | Physics and Astronomy

App-App-Hooray! - Innovative Kits for AR Applications

19.10.2018 | Trade Fair News

VideoLinks
Science & Research
Overview of more VideoLinks >>>