Internet security a hot political issue
The channel is acutely aware of the problem of cyber-crime. It often worries customers far more than street crime – as it should, because it violates privacy at work and at home.
You can at least sit on a burglar in the often misplaced hope that the police will show up, but not on internet criminals.
Yesterday David Davis, the shadow Home Secretary, addressed the issue at the Law Enforcement Conference, chaired by Ed Gibson, MS-UK’s Chief Security Adviser, at the MS campus in Reading.
Davis said the Brown regime’s folding of the national high-tech crime unit into the Serious [as opposed to trivial? - Ed] Organised Crime Agency (SOCA) was a blunder. He committed a Conservative government to creating a new ministerial office to deal with the problem, armed with an independent, dedicated, enforcement unit.
‘The risk of cyber-attack by criminals, foreign governments and terrorists is a serious, long-term threat,’ said Davis. ‘The government’s failure to recognise it as such makes it a part of the problem.’
The Conservative proposal (21-page PDF clickable within the SCL summary) goes into considerable detail about the range of threats, and suggests setting up a Fraud and Cyber-Crime Complaints Center as an interim measure. The Home Office replied that it had ‘allocated funding’ to make cyber-crime easier to report, without specifying the mechanism.
Serious
Clive Room, marketing manager at Portcullis Computer Security, had his own thoughts about the Home Office’s funding allocation when he spoke to HEXUS.channel earlier.
‘Last year SOCA had a budget of £436 million, of which the division dealing with Cyber-crime (what used to be the NHTCU) received £43 million, just 10% of the budget,’ he said. ‘The war on drugs last year consumed £4.5 billion; a ratio of 100 – 1, which gives you some idea of how low a priority crime on-line is to the present government’
As commented previously, any story about cyber-crime prompts news releases from the internet security industry. Nothing wrong with that, but it can be overwhelming. The Infosecurity Europe 2008 exhibition at Olympia on 22-24 April will provide a golden opportunity to gain an overview.
Infosec 2008 will see the release of a Security Breaches Survey carried out for the Department for Business, Enterprise and Regulatory Reform by a consortium led by PricewaterhouseCoopers LLP.
Early findings are that although 99 percent of UK companies back up their critical IT systems and data –86 percent of them daily – 28 percent of them lack a disaster recovery plan. Half of those that do have a disaster plan have failed to test them, however, and 15 percent do not back up off-site.
‘Taking backups off site poses its own security risks,’ warns Director Martin Sadler, Director of consortium member HP Security Systems. ‘Backups have tended to be unencrypted to minimise the effort of restoring data. More companies are now considering whether they ought to be encrypting their backups.’
