PracticePeople In PracticeDTI survey uncovers security complacency

DTI survey uncovers security complacency

An influential study sponsored by the Department of Trade and Industry has painted a widespread picture of complacency and lack of security awareness among UK businesses.

The survey of 1000 firms across British industry, released today, has revealed that 60 per cent of companies interviewed have suffered a security breach within the past two years.

Alarmingly, almost two in three companies with an “extremely serious” breach maintained “nothing has changed” since the breach occurred.

The survey, which found that one in three firms trade over the internet, shows UK businesses’ ignorance and complacency about the importance of security to ebusiness.

More than four in five businesses with external electronic links do not use any firewall protection and 59 per cent of those with a website do not use website protection.

Against this organisations reported that security breaches cost from between £20,000 to well in excess of £100,000.

The principal cause of security breaches, representing two in five cases, was human error – highlighting that security best practice goes deeper than technology alone. Chief among these shortcomings was a failure to undertake risk assessment – only one in seven organisations has a formal information management security policy in place.

Deri Jones, managing director of security testers NTA Monitor, said security awareness in organisations varies enormously with a percentage of firms leaving themselves “wide open”.

“Many organisations have spent money on firewalls and any problems encountered are due to oversights,” said Jones. He added that internet security is still a relatively young market.

“There has been a rush since the start of the millennium to get ecommerce projects live, and some organisations are finding that it’s much harder to get security back. It’s much easier to put it into the project in the first place,” he said.

The full findings of the DTI’s Information Security Breaches Survey 2000 (ISBS 2000) will be released at Infosecurity Europe 2000 on 11 April at Olympia in London.

Patricia Hewitt, the ecommerce minister, said: “The consequences of security incidents can be disastrous but they are avoidable.”

There were however some signs that the Government’s message was getting through. The vast majority of organisations interviewed had virus protection and password controls.

Bob Brace, global vice president Nokia Internet Communications, which managed the survey along with Axent Technologies, said: “As an industry we have to raise awareness of the issues involved without causing panic. We need to remove the fear of doing business in a wired world, but not remove the paranoia.”

The full findings of the DTI’s Information Security Breaches Survey 2000 will be released at Infosecurity Europe 2000 on 11 April at Olympia in London.

AccountancyAge.com feature: what they are and how to protect yourself

Related Articles

Is inefficiency stealing your time and money?

Accounting Firms Is inefficiency stealing your time and money?

6m Emma Smith, Managing Editor
CIMA elects new president

Institutes CIMA elects new president

6m Emma Smith, Managing Editor
Transparent currency trade: How to achieve costs visibility

Governance Transparent currency trade: How to achieve costs visibility

6m Emma Smith, Managing Editor
Introduction to KPMG UK’s new leadership team

Accounting Firms Introduction to KPMG UK’s new leadership team

6m Emma Smith, Managing Editor
EY appoints head of UK Infrastructure Asset Intelligence practice

Accounting Firms EY appoints head of UK Infrastructure Asset Intelligence practice

8m Emma Smith, Managing Editor
FRP Advisory expands operation with new office, partner appointments

Accounting Firms FRP Advisory expands operation with new office, partner appointments

10m Emma Smith, Managing Editor
Magma Group announces merger, partner promotions

Accounting Firms Magma Group announces merger, partner promotions

10m Emma Smith, Managing Editor
MHA MacIntyre Hudson advises on management buy-out

Accounting Firms MHA MacIntyre Hudson advises on management buy-out

10m Emma Smith, Managing Editor