Free Newsletter
Register for our Free Newsletters
Access Control
Deutsche Zone (German Zone)
Education, Training and Professional Services
Government Programmes
Guarding, Equipment and Enforcement
Industrial Computing Security
IT Security
Physical Security
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec

McAfee comments on House of Lords e-crime report

McAfee : 10 August, 2007  (Technical Article)
Lords e-crime report receives mixed reaction as McAfee believes the principles are correct but difficult to enforce and potentially costly for businesses
Today, the House of Lords Science and technology Committee released a new report calling for a major overhaul of current UK Internet security practices.

The report's recommendations include:..

* The introduction of a central web-based e-crime reporting system.
* Creation of security breach notification laws.
* The potential for IT security vendors to be held liable for security breeches.
* Review of the current system that online fraud to be reported directly to banks also recommends the introduction of legislation and hold banks liable for losses as a result of online fraud.
* Improve protection since the NHTCU was subsumed by SOCA.

Greg Day, security analyst for McAfee comments:
'We welcome many of the recommendations of the report and believe the introduction of a UK disclosure law would be a very positive step forward. Similar legislation is already in place across many US states and I feel it would improve confidence in the security of business in the long-term. Full disclosure is a positive step in the long term as it provides customers with the confidence that they will be informed should their personal information be breached/lost. Equally adds pressure to businesses to ensure that they have the appropriate security measures in place to prevent data breaches occurring to them. Short term consumers may see an increase in breaches as full disclosure takes effect. It would be important to educate them that this is not a sign of things getting worse, but more visibility of what is and has already been happening behind closed doors."

With regard to the the liability of security vendors, Day comments
"It would be very difficult to hold vendors responsible for breaches, as it really comes down to how solutions are implemented. You would have to ask, 'Did they have it configured correctly, updated and maintained?' Every business has different IT security requirements depending on their business and IT footprint. A security vendor supplies businesses with the tools,but it is down the business to use them correctly.

The report admits that e-Crime stats are hard to quantify, however a recent report by McAfee and analyst firm Datamonitor of over 1400 businesses found that:.
* 50% of the sample believed that it would cost over $100,000 (£50,968) to notify their customers of a data breach that exposed personal information.
* 30% believe that a major breach could potentially put them out of business.
Bookmark and Share
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
   © 2012
Netgains Logo