http://www.itpro.co.uk/news/115920/human-error-biggest-threat-to-computer-security.html By Rene Millman 19th June 2007 New DTI report finds that most people never change their password. A third write them down on paper. The biggest risk to an organisation's network security is human error, according to a new report. The research by the Department of Trade and Industry found that over a third of respondents either wrote down their password on a piece of paper or recorded it somewhere on their computer. The study also found that nearly two-thirds of the 1800 UK adults questioned said they never changed their passwords. Minister for Science and Innovation Malcolm Wicks said that the survey found that a large number of people were "careless with passwords, unwittingly exposing themselves and their company to fraud and theft." He added that the UK lost 440 million to credit card fraud last year and that 62 per cent of companies experienced a network security incident. Wicks said that this was a problem that needed to be fixed. "Network security is also a major growth area where the UK has a good opportunity to become a global leader if we develop new technology to give us a competitive edge," said Wicks. The department has embarked on four projects aimed at increasing network security by cutting down the risk of human error. Each of the projects will use behavioural science to tackle human error. The DTI has given the projects 4 million in total. Among the successful projects are a project, run by BAE Systems and Loughborough University aimed at developing new ways of assessing an organisation's security risk and the human factors involved. Also, another project run by HP, Merrill Lynch, the University of Bath, the University of Newcastle and University College London will develop a predictive framework to assess the effectiveness security policies that regulate interactions between people and information systems. The other two projects will look at digital communication analysis to look for potential security threats and tools to identify human vulnerabilities in network security. The projects are part of the DTI's Network Security Innovation Platform, which was set up to develop new ideas to improve network security. The DTI said that it estimated that development of this research could represent an extra 125 million market for businesses in the UK. _____________________________________________________ Attend Black Hat USA, July 28-August 2 in Las Vegas, the world's premier technical event for ICT security experts. Featuring 30 hands-on training courses and 90 Briefings presentations with lots of new content and new tools. Network with 4,000 delegates from 70 nations. Visit product displays by 30 top sponsors in a relaxed setting. Rates increase on June 1 so register today. http://www.blackhat.com
This archive was generated by hypermail 2.1.3 : Tue Jun 19 2007 - 22:19:15 PDT