13 June 2013
•
Computing looks back at the most important cyber security stories of the past six months
Security is perennially a hot topic for IT professionals. In the private sector there are persistent fears that precious IP will be stolen from corporate servers by way of industrial espionage, or that malicious outsiders - or more worryingly, insiders - will find ways to smuggle out critical data for their own dubious purposes.
In the public sector, the fears are very much the same, with espionage a top concern.
But problems can equally occur less by malicious design, and more by accident as staff leave laptops, mobiles or tablets on taxis, trains or just about anywhere else. For a cash-strapped public sector organisation in the UK, that usually means a hefty fine from the ICO.
With that in mind, let's have a look at the top 10 security stories of the year so far.
10 - HTC settles with FTC over mobile security flaws
With mobile devices increasingly carrying sensitive corporate data, it is imperative that they are secure. Back in February smartphone manufacturer HTC agreed to settle Federal Trade Commission (FTC) charges that the firm failed to take "reasonable steps" to patch security vulnerabilities in its products, thus putting information belonging to millions of customers at risk.
9 - UK cyber security 'becoming more consolidated', says ENISA
Attempts to consolidate all the various bodies that have some responsibility for the UK's cyber security have made steady progress, according to the European Network and Information Security Agency (ENISA).
The government has been heavily criticised in the last year for a "lack of cohesion" between the various UK organisations set up to work towards its cyber security strategy.
Former head of the GCHQ and CESG, Nick Hopkinson, told Computing last year that there was a need for rationalisation between the organisations, as co-ordinating a policy and strategy would be a challenge when dealing with the numerous bodies involved.
But a year on from Hopkinson's comments, ENISA's head of unit, resilience and CIIP, Dr Vangelis Ouzounis, has said that every country including the UK is trying to consolidate their own strategy.
"In every member state there are different distributions which have been developed for different purposes, now they all have slightly different responsibilities around cyber security and of course there are overlaps. Every country is trying to consolidate their national strategy and ENISA does not intervene because although we recommend the simplification and avoidance of overlaps, it is up to the member states [to take action]," he told Computing at ISACA Insights World Congress 2013, in Berlin.
[Please turn to next page]
