IT Security Gets a Boost as Survey Shows Spending Up

The Majority of Organisations expect to increase spending on Information Security

London, UK 14th April 2009 - A survey by Infosecurity Europe has found that spending on Information security is likely to increase according to 55% of the 1010 respondents they asked and 34% expected their spending to remain the same as last year. Only 8% expect minor reductions of less than 5% of last years spending and 2% expect significant reductions of more than 5%. This contrasts significantly with overall spending on IT as 36% of respondents expect minor reductions from last years IT Spending and a third expect to see major reductions compared to last years IT Spending. A fifth expect overall IT spending to be higher than last year and 10% expect their overall IT spend to be the same as last year.

“Even though overall IT budgets may be reduced and the economic crisis continues to deepen, spending on information security will continue to grow driven by the increase in security threats and the fact that many organisations are still in catch up mode. IAM projects are still on a catch-up mode, so more work is needed. In addition, new areas call for additional spending. Mobile users and remote access are still poorly protected against very agile threats. ” said Eric Domage, Research Manager - Security Products & Services, IDC EMEA Software Group.

Domage continued, “We expect to see an increase in “Frustration Hacking” when people opportunistically attack their own company because they have been fired or frustrated, these first-time-last-time attacks are almost impossible to prevent. They are called first-time-last-time attacks because the people committing them have never done anything wrong before and it is done on their last day in the job. Attacks of this nature are complex to detect, prevent and remedy, for example if someone deletes all the data on servers in a company it can take weeks to correct. Prevention requires security policy, encryption and access control, these are large projects which need to be implemented before a Frustration hacking attack takes place and this is one factor that is driving spending on information security.”

He then proceeded to say: “Our prediction for the Western European Software Information Security market is that it will grow by 7% in 2009 driven by concerns about holes in information security such as Data Leakage Prevention, data integrity attacks and mobile security which are all new areas that many organisations are still getting to grips with.”

According to Tamar Beck, Group Event Director, Infosecurity Europe, “The threat from cyber crime has increased significantly in the past 12 months with predictions of the cost of cybercrime reaching hundreds of billions of dollars a year and our own research found that 90% of organisations expect security breaches to increase in 2009. The economic climate, lack of effective legislation and under resourced crime prevention have created a time bomb for cybercrime, cyber terrorism and cyber activism all of which are stretching IT departments in the government and commercial sectors. There is still a huge requirement to invest in information security which is resulting in robust budgets for information security even if overall IT budgets may remain static or even shrink slightly. At Infosecurity Europe we have brought together all the top infosecurity providers from across the globe so that organisations can compare and select the latest technology to protect your organisation and an education programme packed with outstanding experts.

In the keynote programme Dr. Nigel P Brown, Lead for Resilient Telecommunications Strategy, Cabinet Office chairs the panel on the “Global Credit Crunch & the IT Security Market: The Impact To Market & Solutions For Recovery”. In uncertain financial times, any investment in technology is likely to be severely curtailed, but there are still areas of significant growth within the Information Security industry. In this keynote the ways in which security can support IT development in a tough investment climate are explored, and technology classes that can still deliver highlighted will be investigated by:

• Nick Coleman, Co-Founder, The Technology Den
• Jason Creasey, Head of Research, Information Security Forum
• Eric Domage, Research Analyst IDC
• Jeremy Garside, Head Of Technology, The London Symphony Orchestra
• Ed Gibson, Fellow, British Computer Society
  

Infosecurity Europe, running for its 14th year in 2009, is Europe’s number one Information Security event. Featuring over 300 exhibitors, the most diverse range of new products and services, an unrivalled education programme and visitors from every segment of the industry, it is the most important date in the calendar for Information Security professionals across Europe. Infosecurity Europe is one of five Infosecurity events around the world with events also running in Belgium, Netherlands, Russia, and France. Infosecurity Europe runs from the 28th – 30th April 2009, in its new venue Earls Court, London.

To register to attend or for more information please visit www.infosec.co.uk

Source: Eskenzi PR
<>

Latest US Internet crime report recommendations applicable to the UK

Infosecurity Adviser says US Internet crime report recommendations applicable to the UK

London, UK – 7th April 2009 - Tamar Beck, Group Event Direct, Infosecurity Europe and Infosecurity Adviser, the Web portal of the Infosecurity Europe show, says the recommendations of the recently released Internet crime report from the Internet Crime Complaint Center (IC3) in the US are highly applicable to the UK.

"The US report makes some very useful recommendations, especially in Appendix 2, when it talks about the best practices to prevent Internet crime," she said.

"We suggest that business users of the Internet download the report from the Internet and read through the recommendations, especially those that relate to business usage," she added.
According to Beck, comments such as not judging a company based on their `fancy Web site' are very appropriate to UK businesses, since it is now possible to assemble a very slick Web site using one of the several Internet site hosting kits now available.

This means, she explained, that it is perfectly possible for a rogue trader to create a Web site that purports to be a large and well established company, when in fact the site kit has cost the trader around 40 pounds including a year's Web site hosting.

Suggestions that firms do not place orders on the Internet unless the trader publishes their full address and phone number, she went on to say, are very valid.

A lot of Internet users, including businesses, she says, are unaware that any UK company with a Web site must publish this information on their pages, as well as on all emails sent out to customers.

This has been a provision of the Companies Act and has been in place since the start of 2007, she explained, adding that since 01/01/07, firms must include their full details on their Web sites and in their email footers, or face a hefty fine.

The recommendation that businesses try to obtain a physical address, rather than a Post Office box is also very valid, she said, adding that, although it costs upwards of 100 pounds a year to rent a PO box, it is common for firms to rent out their boxes to third party firms, so opening the door to possible fraud.

"It's also now possible to register a limited UK company electronically for 25 pounds or less, go to the bank and set up a free business bank account, and cash cash cheques immediately. Add in the ability to access card payments through a number of Internet services, and you have a perfect recipe for fraud," she said.

"Many companies trade quite legitimately on the Internet, but firms wanting to save money - especially in these tough economic times - may end up buying from a company whose prices look too good to be true. Our advice is to download this report, read it thoroughly and apply the recommendations on a company-wide basis," she added.

For a copy of the OC3 2008 Internet Crime report:
http://infosecurity.us/public_docs/2008_IC3_Annual%20Report_3_27_09_small.pdf

For more on the Infosecurity Adviser: http://www.infosecurityadviser.com

Neil Stinchcombe, Infosecurity PR
<>