RSS Alerts

Related Links

  • ENISA
  • Symantec
  • Elsevier Ltd is not responsible for the content of external websites.

Related Stories

  • ISSE 2009: We need an active security community
    An active security community is needed to meet the challenges of information security, said Steve Purser, head of technical competency department, ENISA.
  • Through Hell and high water
    Responsive business thrives on continuity. William Knight finds that the trick to uninterrupted business is testing continuity processes before disaster strikes
  • What’s in store for 2010?
    The Noughties are behind us now, but memories of a decade of data breaches will continue to haunt the infosec professional. If only there was a way of knowing what the threat landscape would look like in the months to come. Well you’re in luck as Davey Winder has dusted off the crystal ball and spoken to a broad church of infosec professionals to get some informed predictions for 2010
  • Securing the 2012 Olympics
    Physical and IT security plans are well underway for the London Games in 2012, but could reputational damage be the real risk? Stephen Pritchard talks to David Blunkett to determine what the real cyberrisks are, and how to control them
  • Comment: Who can you trust with your organization’s information?
    Martyn Smith of Logically Secure looks at a number of high-profile breaches of data security and their underlying causes. He also examines how organisations passing on valuable data to third parties can assure its protection and better understand each other’s security without relying only on trust or intrusive inspections

News

House of Lords hears evidence on risk of cyberterattacks

10 December 2009

The House of Lords has heard evidence from a number of high-ranking IT experts about the risk of cyberattacks to the IT and communications infrastructure of the UK, and what might happen if a natural disaster interrupts the internet in a major way.

Although most tier one ISPs, as well as London Telehouse and MANAP, the UK's two main internet peering points, have contingency plans in the event of disaster. If the communications links between the ISPs and the peering points are downed for any reason, the internet in the UK could be severely affected.

According to Symantec - one of just two private sector firms advising the Lords on the possible consequences - the main focus of yesterday's meeting was to advise the government on the EU's policy on protecting European governments from large scale cyberattacks against critical infrastructure.

Ilias Chantzos, Symantec's director of government relations for Europe and Asia Pacific, was scheduled to answer questions on whether European governments are right to fear cyberattacks and how they can work together to mitigate the risks they pose.

These high impact, low probability cyberattacks fall under the classification of a `Black Swan' event and would, Infosecurity understands, come under the government's classified major incident plans, which have several options, depending on the severity of the cyberattacks involved.

Symantec said that, since up to 90% of the the critical infrastructure on which Europe depends is privately owned and crosses international boundaries, it has advised the government that only co-operative planning between public and private sectors, as well as EU member states, can hope to deal with Black Swan situations.

Amongst other items that Symantec presented to the Lords was the subject of how vulnerable the internet is to widespread technical failures and how it could be affected by natural disasters.

Topics discussed included whether regulatory intervention is unavoidable to ensure the resilience and stability of the internet, and what this will cost the internet industry.

Interestingly, Symantec said its senior managers also discussed how concerned the government should be about criminally operated botnets and whether the problem can be tackled at the Europe level.

Symantec also questioned whether the European Network and Information Security Agency (ENISA) is the right body to develop national Computer Emergency Response Teams (CERTs) within EU member states.

 

This article is featured in:
Business Continuity and Disaster Recovery Compliance and Policy Internet and Network Security

 

Comment on this article

You must be registered and logged in to leave a comment about this article.

Copyright © 2010
Elsevier Ltd. All rights reserved.
Terms & Conditions | Privacy | Website Design Working with water