[ISN] Firms 'must do better' on IT security

From: InfoSec News (isnat_private)
Date: Wed Oct 16 2002 - 23:50:42 PDT

Next message: InfoSec News: "[ISN] Security UPDATE, October 16, 2002"

Previous message: InfoSec News: "[ISN] Firewalling /proc entries"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

http://www.zdnet.com.au/newstech/security/story/0,2000024985,20269151,00.htm

By Graeme Wearden, ZDNet UK
17 October 2002

The British government has urged companies to take IT security more
seriously, amid concern that almost three-quarters of firms have no
policy on information security.
 
Speaking at an event in London on Tuesday, e-commerce minister Stephen
Timms said it is unacceptable that just 27 percent of companies have
an IT security policy, according to a recent official survey. Timms
believes that many senior company executives are failing to give
enough attention and resources to this critical issue.

"If only 27 percent of companies actually have a policy on this issue
then the challenge of engaging the other 73 percent of company boards
is a real and important one," said Timms. "This basic failure to set
objectives and goals fed through into the survey's findings of a host
of management shortfalls -- under-investment, lack of analysis of
investment, lack of appropriate personnel policies, security processes
and technical security," he added.

Timms was speaking in London at the Information Assurance Advisory
Council's third annual symposium, where he also explained that the
government is promoting best practice standards to address the issue.

The fact that just 27 percent of companies have an IT security policy
came to light earlier this year with the publication of the
Information Security Breaches Survey 2002, a survey of UK companies
conducted by PricewaterhouseCoopers. This figure was actually a 100
percent increase compared to the previous year, which Timms described
as evidence that at best the UK has "progressed from the disastrous to
the bad."

There is understood to be concern within government circles that the
growth of e-commerce in Britain is threatened by poor e-security.

The Information Security Breaches Survey 2002 calculated that hacking
and virus attacks are costing British companies billions of pounds a
year, and found that 44 percent of UK businesses suffered at least one
malicious security breach in 2001.

Last month, Timms gave his backing to the launch of Part 2 of BS 7799
-- a new guideline that aims to make businesses better defended
against risks such as hackers and computer viruses.




-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomoat_private with 'unsubscribe isn'
in the BODY of the mail.

Next message: InfoSec News: "[ISN] Security UPDATE, October 16, 2002"
Previous message: InfoSec News: "[ISN] Firewalling /proc entries"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu Oct 17 2002 - 02:33:23 PDT