Securing the Information Society
Upcoming SlideShare
Loading in...5
×
 

Securing the Information Society

on

  • 1,522 views

Presented at 'The Information Intensive Society', London, 15 Oct 2009

Presented at 'The Information Intensive Society', London, 15 Oct 2009

Statistics

Views

Total Views
1,522
Views on SlideShare
1,519
Embed Views
3

Actions

Likes
1
Downloads
28
Comments
0

1 Embed 3

http://www.slideshare.net 3

Accessibility

Categories

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment
  • Reduce systemic fraud risks
  • http://eval.symantec.com/mktginfo/enterprise/white_papers/b-whitepaper_exec_summary_internet_security_threat_report_xiv_04-2009.en-us.pdf http://apwg.org/reports/apwg_report_Q2_2008.pdf
  • http://www.ic3.gov/media/annualreport/2008_IC3Report.pdf http://eval.symantec.com/mktginfo/enterprise/white_papers/b-whitepaper_exec_summary_internet_security_threat_report_xiv_04-2009.en-us.pdf
  • Commission work - LAP. ENISA & telecoms consultation.

Securing the Information Society Presentation Transcript

  • 1. Dr Ian Brown, Senior Research Fellow Oxford Internet Institute
  • 2.
    • Availability & integrity of Critical National Infrastructure
    • Protection of confidential information
    • Manageable levels of fraud
    • … all in cost-effective form, where costs include inconvenience, enhancement of fear, negative economic impacts & reduction of liberties
  • 3.
    • Highly efficient criminal economy has sprung up (bot herders, coders, mules, phishermen)
    • Phishing (Symantec detected 55,389 phishing website hosts in 2008) – with increased targeting
    • Compromised machines (Symantec observed 75,158 bots/day)
    Anti-Phishing Working Group Q2 2008 report
  • 4. Internet Crime Complaint Center 2008 Annual Report p.3 Symantec Internet Security Threat Report 2009 p.10
  • 5.
    • Appropriate resourcing for law enforcement
    • Fund security R&D, where appropriate with INFOSEC agency participation
    • Use procurement, licensing and standardisation power to require significantly higher security standards in systems and services
    • Use diplomacy to pressure state actors behind Russian Business Network, DDoS attacks, classified network incursions etc.
  • 6.
    • House of Lords concluded liability should be shifted to some combination of software vendors, ISPs and financial institutions
    • Intended to incentivise innovations such as RBS off-line consumer card terminal