|
Human error is by far the biggest risk for computer network security, with carelessness with passwords ‘costing businesses a fortune in theft and fraud’, a survey by the Department of Trade and Industry (DTI) has found.
As a result, the DTI is spending £4 million on four research projects aimed at reducing the risk that human error plays in computer network security, as part of its Network Security Innovation Platform.
Minister for Science and Innovation, Malcolm Wicks, said:
"Unfortunately, the weakest link in network security is not usually with the technology, but with the staff and system users. The UK lost £440m to credit card fraud last year alone, with 62 percent of companies experiencing a network security incident, so the stakes are high - this is a problem we need to fix.
"Network security is also a major growth area where the UK has a good opportunity to become a global leader if we develop new technology to give us a competitive edge."
The four projects are:
Integrating Security Technology & Organisational Culture for Employee Risk: BAE Systems, and Loughborough University.
Aimed at developing novel organisational and human factors focused on network security risk assessment package.
Trust Economics - Hewlett-Packard Ltd, Merrill Lynch, University of Bath, University of Newcastle, and University College London.
Aimed at developing a predictive modelling framework that assesses the effectiveness of the security policies that regulate the interaction between humans and information systems.
The Analysis of Human Behaviour from Network Communication - Chronicle Solutions, and the University of Plymouth
Aimed at developing a potential technology solution for the analysis of digital communications in order to identify and act on potential security threats introduced by humans to information and IT services.
CatalysIS: A tool to improve risk culture and identify human vulnerabilities in Network Security - The National Computing Centre Ltd, and the University of Manchester
This project is aimed at improving attitudes towards risks both to and from information systems, specifically a software-based tool that provides a network security awareness programme that is tailored to the individual employee.
More details on the projects
More details on the survey
•Date: 19th June 2007 • Region: UK •Type: Article •Topic: ISM
Rate this article or make a comment - click here
|
