Friday, November 25, 2011

Promising step to cybersecurity


The UK government has today released its 2011 Cyber Security Strategy.
With an increased focus on cybercrime, and renewed focus on cyberspace as an engine of economic and social prosperity, the strategy continues to hone Whitehall's understanding of this vibrant, complex and increasingly global domain.
Many of the strategy objectives - in particular those related to securing critical infrastructure - will require close engagement with the private sector.
These public-private partnerships are essential, and, as noted in a recent Chatham House report on critical national infrastructure, they require awareness, engagement and trust among senior decision makers on all sides.
This is not an easy process and requires a keen understanding of the incentives that guide actions in the public and private sectors.
Links to business
The government will also have to balance the tension between building a more secure environment - which requires standards and regulation - and encouraging businesses to set up shop in the UK.
However there are signs that Whitehall is aware of these complexities and the need to experiment with potential solutions.
One new initiative is a three-month pilot scheme among five business sectors: defence, finance, telecommunications, pharmaceuticals, and energy.
It will exchange "actionable information on cyber threats", "analyse new trends" and work to "strengthen and link up our collective cyber security capabilities".
The strategy also supports existing independent initiatives such as Get Safe Online (raising awareness of cyber threats) and Cyber Security Challenge UK (searching for new talent), both of which have taken a good idea and implemented it in a simple and straightforward manner.
Risks
Cybercrime is topic that receives significant focus, in particular for the damage it does to the financial and social fabric of the country.
One primary initiative will create a "national cyber crime capability as part of the new National Crime Agency by 2013".
Another will create, by the end of 2011, a "single reporting system for citizens and small businesses to report cyber crime".
These are all encouraging steps that will require patience and persistence but which are essential.
One idea that looks slightly riskier is a "government-sponsored venture capital model to unlock innovation on cyber security in SMEs" (small and medium enterprises).
The appetite for risk varies widely between Silicon Roundabout and Whitehall, and government experimentation with venture capitalism has often produced mixed results. For example the US government's $535m (�345m) loan to Solyndra - the now-bankrupt solar panel manufacturer.
First steps
The new strategy is more detailed than the 2009 version, and in many ways reads more like a cyber and economic security strategy.
It continues the process set in motion by the recent Foreign Office-led London Conference on Cyberspace, which emphasised the economic and social benefits of a secure cyberspace and called for development of "rules of the road".
The introduction to the strategy notes that the government will report back in 2012 on progress made toward these objectives.
This strategy is a promising step and has ambitiously laid out a task list of dozens of actions.
The real challenge will be to prioritise and deliver in a climate of financial austerity.
David Clemente is a research assistant specialising in international security, at the Chatham House think tank.
He is the co-author off the organisation's recent report "Cyber security and the UK's critical national infrastructure".

Drugs giant challenges Facebook

The German drugmaker Merck KGaA has begun legal action against Facebook after discovering what its lawyer described as the "the apparent takeover of its Facebook page".

The webpage is being used by the German firm's US rival Merck & Co.

Merck KGaA said that the social network "is an important marketing device [and] the page is of great value", adding that since its competitor was benefiting from the move "time is of the essence."

A Facebook spokeswoman said: "We are looking into it."

Merck KGaA said it had entered into an agreement with Facebook for the exclusive rights to www.facebook.com/merck in March 2010.

The German firm said a number of its employees had been subsequently assigned administrative rights to the page.

However, Merck KGaA said that when it had checked the site on 11 October this year it had discovered it had lost control of the page, and that content on the site now belonged to Merck & Co.

Divided

The two drugmakers both stem from the same firm set up by a pharmacy owner in the German city of Darmstadt in 1668.

The business was split in two after World War I as part of the reparations package imposed on Germany.

Merck KGaA's lawyer, Robert Horowitz said he had sent a letter and a series of emails to various Facebook staff asking to discuss what had happened to the webpage.

However, he said the respondents "either did not understand the problem... [or were] intentionally giving unresponsive answers".

Mr Horowitz said that when he had requested a telephone conversation, one of Facebook's staff "incredibly replied that 'no-one is available for a call at this time'".

Legal steps

Merck KGaA has since filed a petition with the- Supreme Court of the State of New York.

"We took legal action versus Facebook to ask for information why a website we thought we owned isn't ours anymore," Dr Gangolf Schrimpf, a spokesman for Merck KGaA, told the BBC.

"We are just trying to learn what happened."

However, the court filing notes that: "Merck is considering causes of action for breach of conduct, tortious interference with contract, tortious interference with prospective business advantage, and/or conversion."

Interaction

Merck KGaA stressed that it had not taken any action against its US counterpart at this stage.

Facebook was unwilling to make a comment beyond saying that it was looking into the case.

Branding experts say the case reflects a growing belief that social networks can offer firms a better way of reaching their customers than through their own websites.

"Company communication departments have realised that many of the people they want to reach and influence are already on Facebook," said Simon Myers, from the consultancy Figtree Network.

"As corporate content becomes more tailored and engaging, social media sites such as Facebook represent a brighter future of greater customer dialogue and interaction than the current corporate website with static content and pictures of people shaking hands."



Powered By WizardRSS.com | Full Text RSS Feed | Amazon Plugin | Settlement Statement

Cyber security strategy unveiled

The government will reveal its plan to tackle cyber crime later, including using the intelligence agency GCHQ to help the private sector protect itself.

Police forces will be encouraged to train "cyber specials", while specialist Army reservists could also be used to provide particular skills.

There will also be a big focus on helping the public protect themselves.

It comes as the amount - currently about 6% - of UK GDP generated by the internet continues to grow.

The increasing dependence on the digital world carries risks and the cyber security strategy is aimed at outlining responses to minimise them.

Last year's national security strategy ranked hostile computer attacks on a par with international terrorism as a threat to the UK.

Ministers then announced an extra �650m for cyber security, particularly to bolster protection for key infrastructure and defence assets.

The government says there are more than 20,000 malicious emails sent to its networks each month, 1,000 of which are deliberately targeted.

'Kitemarking'

The strategy is expected to include a new joint initiative between the public and private sector to exchange crucial information on cyber threats and to manage the response to attacks.

It is also expected to set out ways in which GCHQ can help private companies and improve the wider UK cyber security sector.

There will be further details on the Ministry of Defence's new Defence Cyber Operations Group, and a plan to encourage all police forces to follow the lead of the Metropolitan Police and train cyber specialists.

Individuals will also be given more help to protect themselves, amid a warning from GCHQ that 80% of successful attacks could be thwarted by following simple steps like updating anti-virus software regularly.

The strategy is expected to suggest "kitemarking" for cyber security software to help consumers and businesses avoid "scareware" - software which purports to be helpful but is, in fact, malicious.

Earlier this month, the UK hosted an international cyber security conference, drawing together representatives from 60 nations.

The event came soon after GCHQ warned that cyber attacks on the UK were at "disturbing" levels.

Iain Lobban, the head of GCHQ, told the conference that a "significant" attempt was made to target the computer systems of the Foreign Office and other government departments over the summer.

Baroness Neville-Jones, the prime minister's special representative to business on cyber security, said Russia and China - who both attended the conference - were some of the worst culprits involved in cyber-attacks.

Outlining the national security strategy last October, Foreign Secretary William Hague said businesses and individuals must be aware of the risk of cyber attacks, as well as governments.

He said such attacks could become a major threat to the country's economic welfare and its national infrastructure, such as electricity grids.



Powered By WizardRSS.com | Full Text RSS Feed | Amazon Plugin | Settlement Statement