Link: Web-based attacks set to soar
The new OECD’s 7799 guidelines will focus on security awareness, education and responsibility, proposing that security measures be incorporated from the ground up as an essential element of information systems.
Risk assessments will also be proposed as an essential tool for securing networks and cooperation and swift action will be placed as vital to the prevention and detection of security breeches.
Ecommerce minister Stephen Timms said: ‘We are faced with a major challenge of making the information age a safe place to do business. Today’s launch marks a turning point in how we rise to that challenge.’
‘The UK has very actively supported and contributed to the revision of the original guidelines laid out in 1992. The new guidelines provide a set of principles that will help us create a culture of security.’
The recent Information Security Breaches Survey from the Department of Trade and Industry revealed that less than a third of businesses encrypt files containing confidential details and over a third of UK websites have no firewall in place.
Viruses are still identified as the major cause of the most serious security breaches but 17% of businesses still have no software in place to guard against such attacks.
The Confederation of British Industry also welcomed the reviewed guidelines. CBI representative, Jeremy Ward, said: ‘Far too many businesses today are crossing the information highway without knowing anything about the risk. As a result, too many of them are becoming involved in nasty accidents involving information security.’
‘The key issue is not so much what individual businesses must do to protect themselves, though this is still very important, it is creation of an environment of trust and security,’ he said.
‘Development of such an environment will require close and coordinated cooperation between industry and government. The guidlelines are the ‘green cross code’ of the information superhighway.’