Today is “Internet Safety Day” – it also sees the launch of the “Information Security Awareness Forum” – the UK ICT professional bodies coming together to present common and compatible messages to employers and consumers
The largest single exercise undertaken by EURIM in recent years was its joint study with ippr on “Partnership Policing for the Information Society”. Over 200 individuals from over 70 organisations (users, suppliers, government departments, law enforcement agencies, consultants and academics) worked together and identified a remarkable degree of consensus on what needed to be done to tackle e-Crime: from awareness campaigns, through education, training and vulnerability reduction to co-operation on enforcement. The results were published in a series of reports and briefing papers from December 2003 to January 2005.
But effective action needed partnership across too many government departments not just across users, suppliers and law enforcement. More-over, the resources available to law enforcement for combatting e-crime are dwarfed by the spend of industry on information security. The ongoing delay over the creation of the planned Police E-Crime Co-ordinating Unit, despite the recommendations of the House of Lords Select Committee enquiry unto Personal Internet Safety, illustrated the difficulty and in October I summarised the current situation in a series of update papers for the Parliament and the Internet Conference.
On March 6th the first UK Internet Governance Forum, (with all party parliamentary support from PITCOM, EURIM and ApComm and presented by Nominet in collaboration with the Department for Business and Rt Hon Alun Michael MP, who led the UK delegation to the Summit at Tunis which created the global IGF) will have a crime reduction partnership as one of its threads.
Alun also chairs the EURIM E-crime Group. A significant part of my personal workload over the year ahead, as Secretary General of EURIM, will be to help make a reality of that partnership and I will be looking to recruit (as corporate members) those who are serious about protecting their customers in order to form consortia to help drive and deliver the necessary projects.
Today sees the launch of the first of those consortia, brought together by the ISSA, who joined EURIM last year with the organisation of such co-operation already in mind as one of their objectives from membership.
The British Computer Society, Communications Management Association, the Information Assurance Advisory Council, the Institute of Information Security Professionals, the Institute for the Management of Information Systems, the Information Security Forum, the Information Systems Audit and Control Association, the Information Systems Security Association, the Institution of Engineering and Technology, the (ISC)2, IUA Digital Risk Working Party, the Jericho Forum, the Security Awareness Special Interest Group, have got together with EURIM, GetSafeOnline, Infosecurity Europe and the Worshipful Company of Information Technologists to create the Information Security Awareness Forum.
I am now leaving for the launch event to help answer questions. I plan to blog some more – on the questions we were asked and the answers we gave – when I get back.
The fact that so many bodies can come together and agree a common programme is testimony to the seriousness of the situation as seen from a user and professional pespective.
Will suppliers and government respond?
Watch this space?