FTSE security chiefs look to set up new user group

IT security chiefs from a group of FTSE 100 companies want to form a user group to collaborate on IT security standards and bring...

IT security chiefs from a group of FTSE 100 companies want to form a user group to collaborate on IT security standards and bring their various approaches into a single framework.

Three weeks ago, Computer Weekly first revealed that IT leaders from 10 organisations, including ICI, Royal Mail, BP, financial institutes and the Office of the E-Envoy, had been working on approaches to IT security around the theme of boundaryless networking, or "deperimeterisation". Now group members want to bring in others to share the work and spread the message.

The aim is to resolve the problem of securing a network while supporting greater openness with partners and customers.

Paul Simmonds, global information security director at ICI, said each organisation in the group was working on similar ideas, but the approaches and terminology differed. "We have all got to sit down and agree a common framework," he said.

David Lacey, director of security and risk management technology, services and innovation at Royal Mail, said, "It will be good for us to share our ideas as there are a lot of people who do not have the skills to develop IT security."

Lacey, who collaborated with the Department of Trade & Industry to set up the BS7799 security user group, wants to open up the group to more organisations. "We are looking to form a group with no joining fee," he said.

If there is no charge to join, everyone will be expected to contribute to the security model, he added.

Daniel Dresner, standards manager at the National Computer Centre, said, "The NCC would be eager to get involved at the early stages and facilitate the collaboration of its 1,000 member organisations. There is an ideal opportunity for supplier bodies to do likewise."

However, Peter Sommer, head of computer security research at the London School of Economics, was concerned that the group could end up devising another BS7799 security standard, which itself began as a collaboration between the DTI and business.

FTSE firms in security quest offer different approaches to 'deperimeterisation >>

Read more on IT risk management

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.