Skip to main content
The Scotsman’s Grip

I have been at the first e-crime congress in London this week, talking about IT security and business continuity planning and asking whether these represent core business functions a year on from 911. For many readers this may be a statement of the obvious, after all, Merril Lynch lost two datacentres that day but the statistics of apathy make grim reading.

If 97% of UK companies have been attacked or ‘threatened’ in some way, according to DCS Len Hynds of the National High Tech Crime Unit (NHTCU), then at least half the business community are not taking the risks seriously.

You may be familiar with the statistics from the DTI earlier this year. They had 44% of UK companies reporting malicious attacks with an average repair cost of £30,000, some as high as £500,000. Now, I take most of the statistics I see with a large pinch of salt but the most recent NHTCU figures suggest even more strongly that the problem is becoming worse and reflects almost geometric growth, month on month in the incidence of attack. Mi2G has now offered a revised projection for 2002 of 70,000 attacks, mostly targeted at small to medium size businesses.

According to a report from Mi2G, November saw a decline of 8% in the number of overt digital attacks worldwide to 14,812 - after four consecutive record-breaking months including October - when the highest number ever was recorded at 16,167.

Europe's sharp plunge accounted for a large portion of the overall decline This was principally due to the UK, where attacks fell sharply by nearly 70% from 2,253 in October to 679 in November, a consequence, it is hoped of government efforts to draw greater attention to the threat among businesses.

On the positive side, research from Riptech reveals what appears to be the first quantifiable evidence that companies may be achieving some level of success in defending against Internet attacks. For example, the percentage of companies that suffered at least one severe attack during the past six months declined by nearly half, a trend that is partly attributable to a gradual strengthening of the security postures of companies represented in the sample set.

Companies that did not strengthen their security posture likely suffered higher rates of severe attack activity.

While the many different agencies involved can be applauded for their good work, I’m left with a sense that there remains a danger of locking the stable door after the digital horse has bolted. Let me explain.

In preparing the Broadband Britain agenda, government has known about the risks for some time. One example is the as yet unknown ‘infection’ rate among Broadband users, a second is the relative simplicity by which inadequately protected UK Online centres might be compromised by their users or third parties.

You see, in the rush to achieve the online agenda, blind ambition has preceded a national programme and single point of responsibility where the education and protection of the online citizen is involved. In fact, no such programme is likely to appear before the Spring, so until then it’s open season on anyone who hasn’t taken what you and I might think of as sensible security precautions, anti-virus, personal firewalls and so on.

Who really owns this ‘information assurance; agenda at a national level, the Office of The e-Envoy or the Home Office? More importantly who will pay for it, because I can’t imagine BT volunteering to add the unsubsidised costs of better consumer security to the costs of rolling out Broadband. This raises an interesting question. Has government spent so much effort on the big picture projects that it’s been at the expense of security, that most fundamental part of IT?

Comments

Popular posts from this blog

Mainframe to Mobile

Not one of us has a clue what the world will look like in five years’ time, yet we are all preparing for that future – As  computing power has become embedded in everything from our cars and our telephones to our financial markets, technological complexity has eclipsed our ability to comprehend it’s bigger picture impact on the shape of tomorrow.

Our intuition has been formed by a set of experiences and ideas about how things worked during a time when changes were incremental and somewhat predictable. In March 1953. there were only 53 kilobytes of high-speed RAM on the entire planet.

Today, more than 80 per cent of the value of FTSE 500* firms is ‘now dark matter’: the intangible secret recipe of success; the physical stuff companies own and their wages bill accounts for less than 20 per cent: a reversal of the pattern that once prevailed in the 1970s. Very soon, Everything at scale in this world will be managed by algorithms and data and there’s a need for effective platforms for ma…
The Mandate of Heaven

eGov Monitor Version

“Parliament”, said my distinguished friend “has always leaked like a sieve”.

I’m researching the thorny issue of ‘Confidence in Public Sector Computing’ and we were discussing the dangers presented by the Internet. In his opinion, information security is an oxymoron, which has no place being discussed in a Parliament built upon the uninterrupted flow of information of every kind, from the politically sensitive to the most salacious and mundane.

With the threat of war hanging over us, I asked if MPs should be more aware of the risks that surround this new communications medium? More importantly, shouldn’t the same policies and precautions that any business might use to protect itself and its staff, be available to MPs?

What concerns me is that my well-respected friend mostly considers security in terms of guns, gates and guards. He now uses the Internet almost as much as he uses the telephone and the Fax machine and yet the growing collective t…

Civilisational Data Mining

It’s a new expression I haven’t heard before. ‘Civilisational data mining.’

Let me start by putting it in some context. Every character, you or I have typed into the Google search engine or Facebook over the last decade, means something, to someone or perhaps ‘something,’ if it’s an algorithm.


In May 2014, journalists revealed that the United States National Security Agency, the NSA, was recording and archiving every single cell-phone conversation that took place in the Bahamas. In the process they managed to transform a significant proportion of a society’s day to day interactions into unstructured data; valuable information which can of course be analysed, correlated and transformed for whatever purpose the intelligence agency deems fit.

And today, I read that a GOP-hired data company in the United States has ‘leaked’ personal information, preferences and voting intentions on… wait for it… 198 million US citizens.

Within another decade or so, the cost of sequencing the human genome …