Read Bennett Gold LLP's privacy policies and practices regarding this web site.
LINK TO: Bennett Gold LLP's Privacy Policies and Practices. SecurityMatters.com is part of the Bennett Gold LLP web site network.
LINK TO: Bennett Gold LLP, Chartered Accountants, home page.

LINK TO: SecurityMatters.com, home page.
The network security practice of Bennett Gold LLP, Chartered Accountants.


Join the
Bennett Gold
News List:

(enter e-mail)
read privacy
disclosure

Security News Headlines:

BUSINESSES FAIL THE SECURITY TEST

GO BACK to Previous Page.

Source: ZDNet.UK
Posted on September 3, 2001

      Businesses need to work harder on their e-business security in the wake of a report saying two-thirds have been attacked in some way. Company boards should do more to improve e-business security, as digital crime is deterring many firms from selling goods and services over the Internet, according to this recent report.

      The CBI and Institute of Chartered Accountants of England and Wales (ICAEW) Fraud Advisory Panel's Cybercrime Survey 2001 report shows two-thirds of firms have suffered a serious incident such as hacking, virus attacks or credit card fraud. It notes that negative publicity rather than direct financial loss harms businesses the most. The report advises a coordinated approach at boardroom level to understand and minimize the risks of online crime. Its key recommendations are that companies regularly evaluate all e-business risks and review their Web strategies, by following guidelines from the ICAEW's Turnbull Report on risk management. Firms should also emphasize security training and employee awareness, it adds.

      As well as using technology for protection, firms should regularly review strategy, personnel issues and other policies and procedures to improve security. "Boards are more aware than ever about the risks associated with e-business," commented Chris Potter, e-business security partner at consultancy PricewaterhouseCoopers. "But the degree of boardroom responsibility varies." The report criticizes many companies for relying too heavily on technology for security, rather than the proper evaluation of risks. "The deployment of technologies such as firewalls may provide false levels of comfort unless organizations have performed a formal risk analysis, and configured security mechanisms to reflect their overall risk strategy," said the report.

      Potter added IT managers and the board should put more emphasis on recruiting security experts and training staff, as well as obtaining specialist advice on computer crime. Companies should give someone the responsibility for monitoring Internet and online crime news to keep up to date with the latest threats and security measures.

      The report also called for the government to do more to combat international digital crime and create a central database of Internet fraud complaints, channelled to the relevant bodies in each country.


RETURN TO TOP OF PAGE.



LINK TO: Site development and design by PLANETCAST.