Save content
Have you found this content useful? Use the button above to save it to your profile.
AIA

New website launched for information security industry

by
23rd Apr 2008
Save content
Have you found this content useful? Use the button above to save it to your profile.

To celebrate Information Security Week, the organisers of the Infosec event in London this week have launched a permanent website for the industry called infosecurityadviser.com, John Stokdyk reports.

The site has a very simple layout, which is helpful when you're dealing with potentially complex and arcane issues, and is based around key sections such as:

  • Product news and reviews
  • Recruitment/career issues and job opportunities
  • Expert questions and answers
  • Member forums
  • Blogs
  • The expert questions have been seeded with a few starter queries such as, "What commercial encryption products are seen as economically viable for small businesses and who are the best providers?", "How do you justify risk mitigating expenditure in a business case?" and what are the most important security risks.

    The member forum is still a little thin, but the opening blogs were a little more lively. Among the contributors is PricewaterhouseCoopers partner Chris Potter, who masterminded this years BERR/PwC Security Breaches survey.

    Potter welcomed the new community as a great way for the industry to share experiences and get answers to the questions raised. Drawing on the findings of the 2008 security survey, Potter's first blog for the site touched on the human factors surrounding security. Remote access and internet use have both increased by more than 50% over the past two years, he noted, but employees have also been targeted by social engineering attacks and business are worried about their exposure on social networking sites.

    "This is a pretty dangerous combination," noted Potter. While most companies have implemented better technical controls and taken steps to implement information security policies, they also need to shift people's behaviour patterns.

    "Too many users have a 'click mentality' - they become blind to warning pop-up boxes and do what expedites their current activity rather than what they know they ought to. It is a bit like the road speed limit - everyone knows they shouldn’t speed, but many people go ahead and do so," he noted.

    To lead users from first generation security awareness to behaviourial change is the industry's next big issue, according to Potter, and one for which technically skilled security experts may not be qualified to deliver. They are going to need to work with other specialists such as marketing and HR to embed security into the culture, he argued.

    As long as it attracts some community input, infosecurityadviser.com could grow into a valuable online resource. Once the Olympia event and Information Security Week are over, it will be worth checking back for activity to how the site is progressing.

    Tags:

    Replies (0)

    Please login or register to join the discussion.

    There are currently no replies, be the first to post a reply.