Industry, the police and government departments need to
work together if small and medium-sized businesses, the core of all
corporate supply chains, are to tackle the growing menace of
e-crime more effectively.
Two groups, Parliamentary/industry IT lobby group Eurim and IPPR,
the influential left-of-centre political think-tank, this month
came up with nine clear recommendations.
In summary, the recommendations are:
- The National Hi-Tech Crime Unit should take the lead by
providing a one-stop shop for information
- A basic "green cross-code"-style awareness programme is needed
for SMEs
- The Department for Further Education and Skills and the
learning and skills councils should mandate IT security modules in
all publicly-funded IT training
- All mass market IT user skills programmes, such as the European
computer driving licence, should include specific IT security
sections
- The Home Office, Department of Trade & Industry and the
DfES should co-operate in giving practical advice to groups of
small firms about IT security issues
- The Home Office should mount a nationwide publicity campaign
highlighting the need for IT security
- Government should encourage IT security accreditation schemes,
perhaps building on existing qualifications offered by the British
Computer Society or Infosecurity Europe
- Suppliers' associations such as Intellect should get their
members talking about providing better levels of security
- All bodies training IT technicians should review course
material and include mandatory and practical content on IT
security.
"The issues around e-crime are similar to all organisations and
their solution is a non-competitive issue," said Chris Devine,
information security manager at Camelot, who chaired the Eurim
group which came up with the recommendations.
"This is a good report because it tackles the issue in a realistic
way," said the Earl of Erroll, a member of the group. "Regulation
does not work because criminals are proactive whereas the law is
reactive, therefore people have to defend themselves."
Devine is confident government departments can work together
effectively on these recommendations because they are easier than
they think. "The paradox is that because the message is so simple,
government departments see work involved that is not there. It
really is a simple exercise," he said.
What is Eurim?
The European Informatics Market (Eurim) is a Parliamentary/industry
lobby group which identifies the IT implications for ideas on
legislation in Brussels or Westminster.
Under the chairmanship of MP Brian White, previously an IT
professional at Abbey National, Eurim flashes up early warnings in
its workshops which comprise users, suppliers, consultants and
parliamentarians.
It has scored notable successes, most recently in cutting back on
the number of amendments needed on the Communications Bill, and
thereby speeding its passage through Parliament.
www.eurim.org