E-crime policy is not working

Firms are not protected despite repeated security threats

MI5's cyber crime warning is litle more than "Neighbourhood Watch"

Government policy for protecting critical businesses against electronic crime is “not fit for purpose”, according to IT security chiefs at blue-chip firms.

Despite growing concerns over cyber security ­- and recent MI5 warnings about Chinese-sponsored attacks on UK business -­ the Serious Organised Crime Agency (Soca) is watering down its focus on e-crime.

Private sector condemnation is growing. “It is utter bedlam and the current situation is not fit for purpose,” a chief security officer responsible for a major part of UK critical infrastructure told Computing.

“We are seeing highly dangerous attacks and all MI5 can do is send a letter - it’s like Neighbourhood Watch.”

Budgetary issues, staff cuts and fragmented responsibility is making a mockery of the UK’s national security, claim critics.

Last month Soca chairman Stephen Lander admitted his organisation will have to shrink to balance its books ­ with rumours of staff cuts as high as 400.

And Sharon Lemon, head of Soca e-crime, is now to take charge of a second, and possibly also a third, department, Computing has learned.

Pressure is mounting for the Home Office to provide £1.3m for a proposed e-crime co-ordination unit to be based at London’s Scotland Yard ­ which is designed to plug the gaps between Soca and local police forces.

Businesses have been left in the dark since the National Hi-Tech Crime Unit was disbanded in 2006, said ICI chief security officer Paul Simmonds.“We have seen a reduction in service and it is vital this unit is funded to take up the slack,” he said.

The problem is the lack of focus, according to John Meakin, chief security officer at Standard Chartered bank.

“The security of information presents challenges for all parts of the economy, government and industry, and there will be times when we need to call on expertise from the police,” said Meakin.

“At the moment, fostering that expertise is not being addressed.”

Alliance & Leicester chief security officer George Hazell said: “The threat is real and growing, and law enforcement must be able to provide a commensurate response.”

It is time for the government to take control of an issue which is of vital importance to the critical national infrastructure, said Institute of Information Security Professionals chairman Paul Dorey.

“An act of leadership is needed to enable law enforcement to keep up with the challenge of electronic attacks,” he said.