Firms failing to report attacks on their IT, phishing,
unexpected cyberattacks and cyberterrorism are the four biggest
"banana skin" risk areas for IT leaders in 2004, according to a
report by the Real Time Club based on a debate and membership
survey at the end of 2003.
With the rise in awareness of IT risk as part of overall corporate
risk management, the Real Time Club, many members of which are
City-oriented IT professionals, aimed to set out a prioritised list
of risk areas. This list was influenced by the annual Banana Skins
Report from the Centre for the Study of Financial Innovation, which
identifies broader finance sector business risks.
So far, the Real Time Club's embryonic list is qualitative, drawing
on responses from 26 members, but all are well placed to understand
the state of the IT industry.
Five of the top 10 risks relate to internet-based attacks on
information systems. Concealment of attacks was viewed as the most
severe risk, closely followed by phishing - the use of spoof
websites and e-mails to elicit confidential information from
users.
The danger of unexpected attacks and cyberterrorism followed. At
number 10 on the list was the risk of spam halting the internet.
Hackers uniting to hit systems with multiple attacks was taken
seriously in 11th place.
"Most of these are relatively new phenomena and are new risks we
all have to accept and manage if we are to enjoy the benefits of
ubiquitous computing and communications," said the report.
The risk of the National Grid failing was in fifth place,
reflecting IT leaders' concern over the power outages experienced
in London last autumn.
The demands of data protection were ranked sixth, with fears they
could prevent the effective conduct of e-commerce.
The impact of offshore outsourcing on the UK economy, in seventh
place, was seen as a growing risk to the IT industry.
The headache of users installing unauthorised software or hooking
up their own IT to the corporate network was ranked eighth. This
problem is often driven by inneffective communication between IT
staff and end-users leading to unsatisfactory systems that
encourage end-users to find their own solutions.
Government plans for personal ID cards were considered to have a
high risk of failure, which could result in expensive consequences
for users' trust in IT and the development of public services
systems.
Real Time Club
Founded in the 1960s, the Real Time Club has an eclectic membership
of 150 innovators and thinkers from across the IT industry,
including IT users, suppliers, academics, politicians, civil
servants, and venture capitalists. The group, which meets five
times a year, is accountable to nobody and its meetings are off the
record. It is influential behind the scenes and on-going
"think-tank/ pressure group" interests include education, finance
and quantum computing.
www.realtimeclub.org.uk