IT infrastructure a lot more secure, promises Government

The UK is prepared for an attack on its critical national IT infrastructure, government agencies promised today, despite calls...

The UK is prepared for an attack on its critical national IT infrastructure, government agencies promised today, despite calls from experts for more action.

The comments, which come on the anniversary of the 11 September terrorist attacks in the US, follow months of behind-the-scenes activity by a raft of government organisations.

The Office of the e-Envoy, the National Infrastructure Security Co-ordination Centre (NISCC), the Bank of England and the Financial Services Authority said substantial work over the past 12 months had greatly improved resilience of the UK's IT infrastructure.

FSA managing director Michael Foot said his organisation had worked closely with the Bank of England and the Treasury to help financial services companies bolster security. "The ability of key firms and the authorities to respond to a disaster or operational failure has improved markedly over the past year," said Foot.

David Roberts, chief executive of IT user group The Infrastructure Forum, said his members had done some fast learning after last September.

He added, "I'd encourage them [large companies] to ensure their new organisational procedures are well understood, and that people have the authority to act within them."

However, several disaster recovery experts suggested that there might have been insufficient follow-up after the initial reaction to last year's tragedy.

John Sharp, chief executive officer of the Business Continuity Institute, which has worked with the FSA and Department of Trade and Industry, said economic pressure could mean some companies no longer viewed business continuity as a priority.

"Recent surveys show that there are now fewer rehearsals of business continuity plans than before last 11 September," said Sharp.

Philip Virgo, strategic adviser to the IT directors' group IMIS, urged the Government to make greater efforts to protect the national IT infrastructure security. He suggested the Government should use the Y2K preparations as a model.

Virgo acknowledged the contribution of organisations such as NISCC, but said: "We need a new body combining government departments, critical service providers and industry to carry out an exercise like that for Y2K, but on an ongoing basis."

Mike Mikkelsen, head of business continuity at the Communications Management Association, which represents telecoms users, agreed. "We need a forum, but it can't be bureaucratic or more about spin than delivery. It has got to be focused and sympathetic to the market."

Read more on IT risk management