http://www.silicon.com/software/security/0,39024655,39116690,00.htm by Will Sturgeon October 30 2003 Findings reveal British business is open to viruses, spam and pretty much anything else... Despite the proliferation of high-profile attacks and a spate of recent worm and virus outbreaks European businesses are still not heeding the warning to properly protect themselves. And the UK is up there among the worst offenders - with British businesses being put to shame by the near-watertight security in place within companies in Sweden and Germany. The findings are the result of a Europe-wide survey conducted by security vendor MacAfee. Across Europe, 28 per cent of companies surveyed have no measures in place to protect them against the new breed of 'blended threat' - such as Sobig and Blaster. But that average, when broken down, reveals a great disparity in the preparedness of UK firms. While 12 per cent of German firms admit to being open to attack by such viruses, the figure in the UK is a staggering 43 per cent, according to MacAfee. The UK's blushes are spared only slightly by the Dutch who manage a shocking 43 per cent. The level of preparedness varies greatly by country, with 12 per cent of German firms saying they remain undefended from such attacks while 42 per cent of British firms and 43 per cent of Dutch firms are unprotected. However, Jay Heiser, principal analyst as TruSecure, believes the difference between the UK and Germany is due in a large part to different cultures with the server room - typified by a UK tendency to adopt a 'we know best' attitude. "The differences owe a lot to different philosophies regarding configuration control. In the UK there is a greater tendency to go with bespoke solutions and there is less appetite for configuration management, whereas German businesses will generally favour conformity in their configuration, and that is far easier to manage more effectively." However, Heiser warned against UK companies panic-buying security products to make up their shortcomings. "I've never seen that approach work," he said. Heiser believes many companies have probably already made all the investment they need and now just need to work out how to use what they already have. "Education is the most important thing. Companies would be far better off working out what they can get out of their existing security products and learning which are the vulnerabilities they most need to patch." With a keen sense of how to kick a nation while it's down, MacAfee also revealed that UK companies have the worst defences in place to protect their employees from spam. According to the survey, 40 per cent of UK companies have no spam filtering in place, while 28 per cent of UK firms said they have no plan to install such measures in the next 12 months. These last statistics are perhaps unsurprising given the problems UK businesses are clearly having getting up to date with email-borne malware such as worms and viruses. At this rate it is likely to be years yet before the UK starts to take control of the relatively new spam issue. - ISN is currently hosted by Attrition.org To unsubscribe email majordomo@private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Fri Oct 31 2003 - 04:35:13 PST