The European Union has a long way to go in safeguarding Internet businesses, according to the European Network and Information Security Agency. ENISA cited the possibility of a "digital 9/11."
Specifically, ENISA underlined the importance of network and information security, especially in regard to i2010, the EU's umbrella strategy for developing technology. ENISA looked at social networking, spam and online fraud, among other identified threats.
"Europe must take security threats more seriously and invest more resources in network and information security," said Andrea Pirotti, executive director of ENISA. He urged the EU to require "reporting on security breaches and incidents for business, just as the U.S. has already done."
A Growing Problem
ENISA said 30 percent of global trade is "digitally dependent" and cited estimates that spam cost businesses about EU64.5 billion (US$101.43 billion) in 2007, double the 2005 figure. With only 6 percent of spam reaching mailboxes, ENISA said, the problem is perceived to be under control. However, it is growing in quantity, size and bandwidth and remains a costly problem.
According to ENISA, computer emergency response teams (CERTs) are key components in combating cyber attacks and spam. ENISA estimated there are six million hijacked computers, or botnets, used worldwide by organized criminals to send spam and commit online fraud. In 2005, only eight EU member states had CERTs, but today there are 14, with 10 more planned.
However, Pirotti said, "The member states should undertake concerted efforts to reduce the imbalances in security levels, with more cross-border cooperation."
Assessing the Risks
ENISA stressed the risks of social-networking sites and recommended a review of the regulatory framework of Directive 2002/58 on privacy and electronic communications. ENISA has also produced a feasibility study on a European information sharing and alert system for citizens and small and midsize businesses, which make up two-thirds of the EU economy.
As the Internet matures and people rely on computer technology, we are increasingly vulnerable to attack, according to Ken Dunham, director of global response for iSight Partners. There are more people on the Internet today, he said, and the majority know little about technology or security. The large number of interdependencies also pose a risk for medical, government and financial systems.
"We've had so many new technologies and changes at breakneck speed that it's hard enough to get them to work, let alone secure, and heaven forbid somebody target them. We are increasingly vulnerable. There are more assets at risk and people depend on them," Dunham said. "But most terrorists are training people to be suicide bombers, not to set up superlabs to look for ways to disrupt systems."
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment