Majority of UK Businesses Don’t Understand Security Risks Thursday 6 December 2001 PDF Print TES01.03 Panel Representing Business Community and IT Specialists Debates Vulnerability of UK Business in Current Climate In spite of the centrality of security to the IT world, the business community still remains largely disinterested in and unaware of the potential threat that security breaches poses to their business. The London Chamber of Commerce and e.centre UK, representing SMEs, agreed at a debate hosted by TesCom that security is simply not on the agenda of the average UK company. Where there is investment in security it is often misplaced, claims TesCom. “Businesses tend to concentrate on one risk that they have identified and leave themselves vulnerable to multiple other operational threats,” said TesCom’s vice president of Europe, Marc Earl. Piers Merchant of the London Chamber of Commerce highlighted: “Just as people don’t really think anyone will walk into their office with a bomb, the perceived risk of hackers is low. This apathy is largely why self-regulation won’t work. The last thing business needs is more legislation, but it’s probably the only way that any adequate provisions for security will be made.” Industry experts at this debate agreed that IT security is one of the most difficult areas for organisations to address because there are so many different threats, and investment in IT is seen as non-revenue generating. The primary conclusion drawn is that the risk to organisations through inadequate security is likely to increase, and one of the best ways for businesses to address this is through comprehensive testing of IT systems, especially those connected to the web. Mercury Interactive’s UK managing director, David Harrison, summed up the general feeling of the debate by saying, “If you want to trade over the web you need to be seen to be secure.” “We focus too much on hacking as the main security threat. Organisations need to look at application-level security as well as infrastructure security. Security breaches come in many guises and hacking isn’t the primary threat to the average business. Not looking at the bigger picture leaves organisations wide open to problems of the unstable world of IT,” added Marc Earl of TesCom. “People think of online fraud as a ‘victimless crime’ so don’t really worry about it, but even though the costs are not immediate, we all pay for fraud through increased charges and premiums.” Mike Thompson, principal analyst at Butler Group, indicated that the onus to deal with fraud must be with the banks and retailers. It is up to these organisations to take the responsibility to ensure authentication, and therefore improve confidence in trading online. Roger Till, director of external affairs at e.centre UK, said: “SMEs represent the vast majority of UK businesses. Most of them use their 14 year old as their IT advisor and have no idea that they face any risk at all. Ironically, the limited access to broadband that SMEs have protects many of them from the security issues that larger corporates face.” David Harrison of Mercury Interactive highlighted the scale of the problem: “In the first 20 systems that we tested, 19 had a problem. Awareness about security will remain a problem though because no-one ever talks about it.” Ofer Maor, security consultant at TesCom's security division eDvice, pointed out: “Awareness of security at management levels where budget is allocated is amazingly low – IT departments often ignore security because it isn’t revenue generating and doesn’t give an opportunity to work on exciting new technology.” - ends - About TesCom Ltd TesCom mitigates business risk and reduces time to market by delivering independent, tailored software testing and quality improvement services. TesCom is the largest specialist global provider of testing services with a flexible service offering, based on best practice techniques and an in-depth market understanding of its clients’ business sectors. TesCom’s goal is to promote and deliver effective testing to make IT-based business services and applications more user-focused, responsive and robust to meet ever-increasing performance demands. To find out more about TesCom, visit www.tescom-intl.com. Company Contact Lee Farman CTO, TesCom 020 7022 6700 firstname.lastname@example.org PR Contact Catherine Eyres/Mary Brain Strategic PR 01494 434434 email@example.com This press release was distributed by ResponseSource Press Release Wire on behalf of Strategic Public Relations Ltd in the following categories: Consumer Technology, Personal Finance, Business & Finance, Computing & Telecoms, for more information visit https://pressreleasewire.responsesource.com/about.