The DTI says firms could do a better job of guarding wireless networks, VoIP and e-commerce sites
Many UK firms are deploying new technology without ensuring they have strong security measures to minimise the risk of attack via their new systems, according to the DTI’s latest Information Security Breaches Survey.
The findings published last week also suggest that many smaller organisations are not doing enough to fully secure their e-commerce web sites.
The survey revealed that the number of unprotected wireless networks halved in the past two years, but one in five still had no security controls, and half of respondents said they implemented voice over IP (VoIP) systems without evaluating the security dangers.
"Like wireless networks, [VoIP] offers fairly limited security controls by default, so it is worrying that half of firms implemented it without considering the risks," said Chris Potter of PricewaterhouseCoopers, who led the survey. " When new technology emerges, people are very quick to get the business benefits, without considering the potential downsides."
Though 90 percent of online businesses said protection of customer data was the strongest justification for security spending, less than two-thirds of sites for financial transactions encrypted incoming data.
"While it is easier to set up internet-based businesses now, a certain level of technical knowledge and investment is required, but a minority of smaller businesses are still learning these disciplines," Potter said.
Ed Gibson, chief security officer of Microsoft UK, said the report showed that firms are getting better at securing their networks, and technology is helping by being "more secure by default".
"E-commerce looks very bright,” Gibson said. “The report highlights continuous education and awareness [building], and we mustn't forget the [many resources] firms can go to if they are unsure.”
The full results of the survey will be released at the InfoSecurity Europe event in London in a fortnight.
Many UK firms are deploying new technology without ensuring they have strong security measures to minimise the risk of attack via their new systems, according to the DTI’s latest Information Security Breaches Survey.
The findings published last week also suggest that many smaller organisations are not doing enough to fully secure their e-commerce web sites.
The survey revealed that the number of unprotected wireless networks halved in the past two years, but one in five still had no security controls, and half of respondents said they implemented voice over IP (VoIP) systems without evaluating the security dangers.
"Like wireless networks, [VoIP] offers fairly limited security controls by default, so it is worrying that half of firms implemented it without considering the risks," said Chris Potter of PricewaterhouseCoopers, who led the survey. " When new technology emerges, people are very quick to get the business benefits, without considering the potential downsides."
Though 90 percent of online businesses said protection of customer data was the strongest justification for security spending, less than two-thirds of sites for financial transactions encrypted incoming data.
"While it is easier to set up internet-based businesses now, a certain level of technical knowledge and investment is required, but a minority of smaller businesses are still learning these disciplines," Potter said.
Ed Gibson, chief security officer of Microsoft UK, said the report showed that firms are getting better at securing their networks, and technology is helping by being "more secure by default".
"E-commerce looks very bright,” Gibson said. “The report highlights continuous education and awareness [building], and we mustn't forget the [many resources] firms can go to if they are unsure.”
The full results of the survey will be released at the InfoSecurity Europe event in London in a fortnight.
Share this page
Email this page
Back to Top
Home
Edit Post
0 comments: