HNS MAIN FEED
Saturday, 02:12 EST
- Zero-day vulnerabilities in Firefox extensions discovered
- Three charged with Comcast.net hijacking
- Cloud computing security benefits, risks and recommendations
- Poisoned Google search results
- World’s first wireless USB external hard drive
- A look at Securitybyte & OWASP AppSec Asia Conference 2009
- Biggest threats to federal systems and critical infrastructure
- Are 64-bit Windows inherently safer?
- NSA on cyber attacks and Microsoft collaboration
- New books: ModSecurity, Snow Leopard, social Web applications
- Vulnerability in IBM SolidDB memory caching software
- Two arrested for Zbot Trojan
Network and information security in Europe today
by Mirko Zorz - Monday, 29 September 2008.
The dark ages of security
Lord Toby Harris from the House of Lords, illustrated the problem with information security today as a poor relation of security and technology. The complication derives from a variety of emotional, cultural and financial issues. He is very critical of the UK government's approach to security on several levels and he's not afraid to demonstrate the topic. He believes there's a danger of complacency in the UK. The public sector compliance with security requirements is poor and a proper disaster recovery plan is nonexistent. Sadly, the same can probably be said for most European countries.
The fact of the matter is that in order to achieve regulation, we need greater responsibility from both individuals and the private sector. The balance of responsibility has to shift and include equipment manufacturers, software producers and service providers. Also essential are adequate resources that allow the enforcement of the rules.
One of the hot topics for privacy advocates in the UK is certainly that of national ID cards. Lord Harris demonstrated the erroneous way in which the government is "selling" them to the public. No, they won't be a good counter-terrorism tool and they offer limited benefits when it comes to illegal immigration and border control. However, they undoubtedly grant citizens the benefit of being able to establish their identity and entitlement. If an ID card was required to open a bank account, they would probably make the identity theft rate go down.
With the strong expansion of broadband and other communication technologies, identity and security matter more every day. People are being increasingly targeted by cyber crooks and they have plenty to worry about: e-crime, data loss and a plethora of malicious attacks. When it comes to e-crime specifically, it's exceptionally problematic to display the magnitude of the problem in the UK since e-crime is still not recorded separately from other types of fraud. Despite not having concrete data at their disposal, UK citizens are more afraid of e-crime than burglary or mugging. According to Lord Harris, ignorance, carelessness and technology flaws are what puts individuals at risk. Once again we're reminded about the fundamental importance of security awareness.
Lord Harris believes that because of a grave lack of security, the UK critical network infrastructure is at risk. Let's just remind ourselves about the crippling May 2007 attacks in Estonia and the recent cyber disruption in Georgia. Governments should have a framework that enables them to see which resources are being attacked and, clearly, a proper set of firm guidelines that make sure every system is up to date and working properly.
<< Prev. page 1 | 2 | 3 | 4 | Next page >>
- Q&A: Wireshark
- Best practices for DNS security
- Spam evolution: September 2009
- Looking back at 2009 through SQL injection goggles
- Q&A: Web application security
