Today marks the start of the UK's first information
security awareness week, organised by the newly formedInformation
Security Awareness Forum (ISAF).
ISAF was formed in February 2008 to create a co-ordinated
cross-industry,cross-institution approach for delivering security
awareness to UK businesses.
Membership of the forum is restricted to professional bodies
with a specific interest in information security awareness, such as
the Information Systems Security
Association (ISSA), the British Computer Society (BCS),
(ISC)², the Institution of
Engineering and Technology (IET), and Infosecurity Europe.
However ISAF does include organisations which also focus on
physical security, like ASIS International, and engages with
organisations with a stake in information security such as the
police central e-crime unit.
"It is about pulling active members in the industry together so
we can facilitate a change and make it all work to everyone's
benefit," said David King, chairman of ISAF.
The forum has asked members to schedule announcements about
their security information initiatives for this week, which
includes the Infosecurity Europe 2008
exhibition at Olympia in London from 22 to 24 April.
"Information security awareness continues to be problematic in
the UK at an individual and a corporate level," said King.
A consistent approach to delivering security awareness messages
to UK busineses of all sizes, he said, was key to helping clamp
down on trends such as the increasing incidence of identity theft
and fraud.
The ISAF is to publish a guide for company
directors on information security by the end of April that will be
made available free to UK businesses.
"If senior board members in organisations are aware of the need
for security awareness and the need for proper security and risk
management and information security management and some of the key
things that need to be done, that will make a big difference," said
King.