UK Government cyber-crime report shows that technical solutions alone are not enough

Feb. 22, 2012 - PRLog -- The Government’s strategic-level "Cyber Security Strategy", published in late 2011, concentrated on issues of national and global importance. In contrast, a new report, from the Government's Science and Technology Committee, focuses on a lower level: namely the non-specialist computer user, which is of more immediate relevance to the average citizen.  The report outlines the growing and very real threat of malicious software (malware) and cyber-crime, and the implications for law enforcement. The report concludes with urgent recommendations for the Government to set up a trusted provider of information to the general public, and also for cyber-security standards that will redress the current situation of confusion and excessive technical detail.

Briony Williams (Security Consultant, commissum) comments: "It is interesting that this report does not primarily call for more anti-virus software, or more firewalls.  What the report does call for is human solutions rather than technical ones.  The anti-malware industry has grown significantly in recent years, and technical solutions are produced in response to each newly-discovered threat.  Unfortunately, this contributes to the present situation, where people can feel bewildered by the sheer range and complexity of the things they need to know in order to be safe online. It doesn’t help that the anti-malware solutions are often described in highly technical language.  This confusion is doubtless contributing to the situation where consumers are not implementing even basic anti-malware measures."

The report recommends a major upgrading of the Government’s "Get Safe Online" website, as well as a widespread publicity campaign, and a national initiative to improve training and education in online security. As Briony of commissum points out: "This report is to be welcomed for its emphasis on the need to support the human users, and not only the software, since technical solutions alone are not enough.  If the report’s recommendations are implemented, they could bring about a long-lasting and very significant improvement in the UK’s consumer-level cyber-security."

# # #

commissum is a European company specialising in information assurance and security services for business and government. Services include penetration testing, information assurance consultancy, information security auditing, and configuration of systems.