Social networking is building an entirely new type of
world that will require a major change in the way business
organisations tackle information security, an independent security
advisor has warned.
David
Lacey, who is also a member of the
BCS Security
Forum Strategic Panel, said traditional security techniques
will not be applicable in future.
"Organisations will have to use the same media as their people
are using, so if everyone is using
social networking, they will have to engage at that level. They
will have no choice. Otherwise they will be left behind with the
wrong, inefficient mechanisms and techniques," he said.
Lacey will advise delegates at the
Infosec Europe 2008 event
in London next week to engage with the evolution of networks and
develop entirely new approaches to security and governance to
safeguard intellectual assets in those networks.
"The value [in information] is in moving it around and getting
it to people, so organisations have got to focus on security around
flows of information, and not put walls around valuable
intellectual assets, which requires an entirely different way of
doing security," he said.
Lacey said it was important to raise awareness and stimulate
debate around the impact of social networking on governance,
intellectual property ownership and business.
"The potential for espionage and fraud is dramatic where you
have social networks, because it is easy to expose information
accidentally, unconsciously or deliberately," he said.
According to Lacey, most organisations will have a lot of work
to do to minimise the possibility of losing intellectual assets
through networks. They will have to look to new technologies that
are smart enough to monitor outgoing flows of information.
"Security should be about keeping information and business
moving - that is the first paradigm shift we have to make. The
reaction to a social network should not be to lock it down. It
should be to enable it and provide protection around the flows of
information," he said.