Securing the Information Society

1,049 views
991 views

Published on

Presented at 'The Information Intensive Society', London, 15 Oct 2009

Published in: Technology, Business
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
1,049
On SlideShare
0
From Embeds
0
Number of Embeds
4
Actions
Shares
0
Downloads
29
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide
  • Reduce systemic fraud risks
  • http://eval.symantec.com/mktginfo/enterprise/white_papers/b-whitepaper_exec_summary_internet_security_threat_report_xiv_04-2009.en-us.pdf http://apwg.org/reports/apwg_report_Q2_2008.pdf
  • http://www.ic3.gov/media/annualreport/2008_IC3Report.pdf http://eval.symantec.com/mktginfo/enterprise/white_papers/b-whitepaper_exec_summary_internet_security_threat_report_xiv_04-2009.en-us.pdf
  • Commission work - LAP. ENISA & telecoms consultation.
  • Securing the Information Society

    1. 1. Dr Ian Brown, Senior Research Fellow Oxford Internet Institute
    2. 2. <ul><li>Availability & integrity of Critical National Infrastructure </li></ul><ul><li>Protection of confidential information </li></ul><ul><li>Manageable levels of fraud </li></ul><ul><li>… all in cost-effective form, where costs include inconvenience, enhancement of fear, negative economic impacts & reduction of liberties </li></ul>
    3. 3. <ul><li>Highly efficient criminal economy has sprung up (bot herders, coders, mules, phishermen) </li></ul><ul><li>Phishing (Symantec detected 55,389 phishing website hosts in 2008) – with increased targeting </li></ul><ul><li>Compromised machines (Symantec observed 75,158 bots/day) </li></ul>Anti-Phishing Working Group Q2 2008 report
    4. 4. Internet Crime Complaint Center 2008 Annual Report p.3 Symantec Internet Security Threat Report 2009 p.10
    5. 5. <ul><li>Appropriate resourcing for law enforcement </li></ul><ul><li>Fund security R&D, where appropriate with INFOSEC agency participation </li></ul><ul><li>Use procurement, licensing and standardisation power to require significantly higher security standards in systems and services </li></ul><ul><li>Use diplomacy to pressure state actors behind Russian Business Network, DDoS attacks, classified network incursions etc. </li></ul>
    6. 6. <ul><li>House of Lords concluded liability should be shifted to some combination of software vendors, ISPs and financial institutions </li></ul><ul><li>Intended to incentivise innovations such as RBS off-line consumer card terminal </li></ul>

    ×