|
|
|
Firms fear battle over computer viruses |
|
|
|
Business
|
|
Written by Peter Warren
|
|
Friday, 07 January 2005 |
Bought and published Evening Standard, January 7, 2005 and Computing
by Peter Warren and Michael Streeter
BRITISH firms could face a wave of costly litigation because of poor
computer and customer data security, according to a new survey.
Businesses believe it is a question of 'not if but when' they will be
dragged into court because of lost or damaged data arising from
hacking, fraud, viruses and human blunders.
The fears are published in the report Risky Business: UK Industry and
Data Integrity based on interviews with data security managers from
some of the UK's top business organisations.
It finds firms are braced for a surge of legal claims either privacy
related suits from individuals, or damages claims from companies
suffering from computer viruses inadvertently sent via email from other
companies' systems.
'We believe there are companies out there who could find themselves
legally liable because of what they haven't done in terms of data
security,' said Jeremy Beale, head of the CBI's E-Business Group.
'I would say we are all waiting for the first legal action to kick
off,' says Kat Maben, principal security consultant for the telecoms
group Avaya. 'I think it is going to be inevitable.'
In 2004, one in 16 emails contained a virus, according to research by
Messagelabs. Three of the most virulent viruses, Code Red, Love Letter
and Klez were responsible for a global cost of $20.4bn (£10.8bn).
'People are now aware of viruses because they can see them in their email,' said John Holland, CyberTrust's European director.
'There are criminals trying to get into their computers so there is a
greater awareness. When that is coupled with worry over legislation in
the boardroom, people have to be seen to be doing things.
'With more people using the internet for phone communications, any
failure of computer security is instantly visible. I know of one large
company which had to use its mobile phones recently because its phone
lines went down when its computers were attacked.'
The report also found strong demand among some business groups for the
development of a third-party certification system for computer
security, similar to the credit ratings used to assess top companies.
'A de facto and industry supported third party...would be very
attractive,' wrote John Meakin, head of security at Standard Chartered
bank, in the report. 'In a global market, anything that speeds up
decision-making would be interesting.'
|
|
|
|
|