Skip to main content

Get Safe Online

It’s that annual InfoSec time again and walking the aisles of Europe’s most successful Information Security show, I find myself plagued with a nagging sense of doubt. Why? Scantily clad girls dressed as angels and the sash-climbing acrobats in yellow lycra bodysuits on the Symantec stand were entertaining and colourful enough and even the message on the EP Secure stand warning visitors of the dangers from viruses and “Wormes” instead of “Worms”, should have bought a smile to my face but all I could see in a packed Olympia, was an industry united in a profitable celebration of the failure of our society to properly protect itself from the dangers of living an increasingly online existence.

InfoSec was once again the venue for the release of the latest Government-sponsored survey of information security breaches in the UK, conducted by a consortium led by PricewaterhouseCoopers LLP and while you can find encouragement in the news that large businesses have become more security-conscious, with the total security incidents having fallen by 50% over the last two years, the opposite is true of small business. Here, the average number of incidents has risen by 50% to approximately eight a year. Worse still perhaps in figures that support last month’s smaller eCrime Congress survey, we have an indicative estimate of the total cost of security breaches to UK plc, up by 50% from two years ago, and now approximately £10 billion per annum.

Microsoft which is at last joining the dubious “Windows Client Protection” business with its own anti-virus, ‘Windows Live OneCare’ solution, has been working hard to improve it’s own security credentials with a number of initiatives over the last year and its Hotmail mail service is blocking 3.4 billion spam email messages each day and it has had two billion downloads of its malicious software removal tool in the last year, which tells us something about the overall size of the malicious software problem.

The computing environment that surrounds us today reminds me of a large Termite mound. It’s intricate, solid, highly-efficient and constantly improved. It does however have lots of different openings to the world outside and every now and then, a hungry chimpanzee with a twig comes along and plays havoc with the poor industrious Termite’s defensive structure. Taking this metaphor, a step further and looking at the sheer number of companies displaying solutions at InfoSec, I have to wonder how long business will have to continue spending sizeable sums on information security products that continue to have relatively modest success in mitigating the expanding risks from Netcrime?

It was Winston Churchill who said: “Although personally I am quite content with existing explosives, I feel we must not stand in the path of improvement” and at an earlier InfoSec Show, I released a Microsoft-sponsored report “A matter of trust” which examined some of the many at the challenges facing Microsoft’s Trustworthy Computing strategy and the steadily growing threat from online crime. In the intervening period, InfoSec and the security industry have become larger and more successful, as have the organised crime groups that are busy milking people’s bank accounts, defrauding businesses and stealing the identities of as many as 100,000 people in the UK each year.

So I’m confused. InfoSec is a great show and a wonderful platform for an arsenal of information security and identity products but all the evidence of this year and previous years, suggests that we’re on the wrong side of the arms race to secure the computing environment and that even for the most paranoid of organisations, an unlimited security budget doesn’t offer a safe and bullet-proof existence or to quote Arthur Dent in The Hitchhiker’s Guide to the Galaxy: “Ah, this is obviously some strange use of the word safe that I wasn't previously aware of.”

Comments

Popular posts from this blog

A Christmas Tale

It’s pitch blackness in places along the sea wall this evening and I'm momentarily startled by a small dog with orange flashing yuletide antlers along the way. I’m the only person crazy enough to be running and I know the route well enough to negotiate it in the dark, part of my Christmas exercise regime and a good way of relieving stress.

Why stress you might ask. After all, it is Christmas Day.

True but I’ve just spent over two hours assembling the giant Playmobil ‘Pony Farm’ set when most other fathers should be asleep in front of the television.



I was warned that the Playmobil ‘Pirate Ship’ had driven some fathers to drink or suicide and now I understand why. If your eyesight isn’t perfect or if you’ve had a few drinks with your Christmas lunch then it’s a challenge best left until Boxing day but not an option if you happen to have a nine year old daughter who wants it ready to take horses by tea time.

Perhaps I should stick to technology but then, the instruc…

A Matter of Drones - Simon Moores for The Guardian

I have a drone on my airfield” – a statement that welcomes passengers to the latest dimension in air-travel disruption. Words of despair from the chief operating officer of Gatwick airport in the busiest travel week of the year. Elsewhere, many thousands of stranded and inconvenienced passengers turned in frustration to social media in an expression of crowd-sourced outrage.

How could this happen? Why is it still happening over 12 hours after Gatwick’s runways were closed to aircraft, why is an intruder drone – or even two of them – suspended in the bright blue sky above the airport, apparently visible to security staff and police who remain quite unable to locate its source of radio control?

Meanwhile, the UK Civil Aviation Authority, overtaken by both the technology and events, is reduced to sending out desperate tweets warning that an airport incursion is a criminal offence and that drone users should follow their new code of conduct. Yet this is not an unforeseen event. It was i…

An Ockham of Gatwick

The 13th century theologian and philosopher, William of Ockham, who once lived in his small Surrey village, not so very far from what is today, the wide concrete expanse of Gatwick airport is a frequently referenced source of intellectual reason. His contribution to modern culture was Ockham’s Razor, which cautions us when problem solving, that “The explanation requiring the fewest assumptions is most likely to be correct;” sound advice which constantly proves to be true.

A week further-on since Britain’s second busiest airport was bought to a complete standstill by two or perhaps two hundred different drone sightings, it is perhaps time to revisit William of Ockham’s maxim, rather than be led astray by an increasingly bizarre narrative, one which has led Surrey police up several blind alleys with little or nothing in the way of measurable results.

 Exploring the possibilities with a little help in reasoning from our medieval friar, we appear to have a choice of two different account…