ISACA Commends EC Plans for Tougher Cybercrime Legislation

London, UK June 2009 (Eskenzi PR) - ISACA (formerly known as the Information Systems Audit and Control Association), a not-for-profit organisation that seeks to encourage best practice in the IT security industry, has applauded plans for the European Commission to increase the penalties against people committing cybercrime.

Under the new EC proposals, according to reports, prison sentences could be increased to five years or more for serious cybercrimes, up from one to three years at present.

"It's likely that the potential rewards from cybercrime are such that current penalties are not going to act as a deterrent," says Rolf von Roessing, a member of ISACA's Security Management Committee. "The rewards of criminal exploits can stretch into the millions."

The reality, says von Roessing, is that there is no such thing as a victimless crime, as a large number of people are still paying for criminal acts that generate revenue for the perpetrators.

"Spam, botnets and out-and-out theft of electronic data are modern-day scourges. Cybercrime needs to be dealt with strongly and the EC's actions are a step in the right direction for Internet users everywhere," von Roessing added.

For more on ISACA:

With more than 86,000 constituents in more than 160 countries, ISACA® is a leading global provider of knowledge, certifications, community, advocacy and education on information systems assurance and security, enterprise governance of IT, and IT-related risk and compliance. Founded in 1969, ISACA sponsors international conferences, publishes the ISACA® Journal, and develops international information systems auditing and control standards. It also administers the globally respected Certified Information Systems Auditor™ (CISA®), Certified Information Security Manager® (CISM®) and Certified in the Governance of Enterprise IT® (CGEIT®) designations.

ISACA developed and continually updates the COBIT®, Val IT™ and Risk IT frameworks, which help IT professionals and enterprise leaders fulfill their IT governance responsibilities and deliver value to the business.