EU security spend falls short

Commission says businesses and organisations are underestimating the risks

Written by Daniel Thomas

Computing, 08 Jun 2006

European IT security investment is alarmingly low, says a European Commission report.

Information commissioner Viviane Reding says businesses and public sector organisations are underestimating the risks of insufficiently protecting networks.

Advertisement

Only five to 13 per cent of corporate IT budgets go on security and this is worryingly low, she says. ‘The nature of the threat is changing and so must our response,’ she said.

‘In the past, hackers were motivated by a desire to show off, whereas today many threats come from criminal activities and are motivated by profit.’

The comments coincide with the Commission’s release last week of its report Strategy for a Secure Information Society.

To make Europe the leading information society by 2010 it says three areas must be addressed: specific network and information security measures, the regulatory framework for electronic communications, and protection against cyber crime.

The Commission will work with governments to benchmark national policies on network and information security, identify best practice and educate users.

The European Network Information Security Agency (Enisa) will assist by building an infrastructure to handle security incidents and alert member states.

Last week Enisa also released a report outlining its long-term security action plan.

Simon Perry, co-editor of the report and member of Enisa’s Permanent Stakeholders Group, says greater co-operation is needed between European Union member states to share information on IT security threats.

‘The public sector should be leading the private sector in setting standards, but in member states and government agencies it is rare to find a department doing security well,’ said Perry, also vice president of security strategy at CA.

Certain new EU member states need to do more to improve national information security, but greater levels of protection could lead to inward investment by industry, he says.

'There will be a bit of carrot and stick. Countries won't get investment from the private sector if the infrastructure and security isn’t there,' said Perry.

What do you think? Email us at: feedback@computing.co.uk

Tags:

Further reading

Related articles

Related whitepapers

Related jobs

Do you agree?

Have your say on this article

IT white papers

Search vnunet IThound

Top categories

Job of the week

More IT jobs

Search thousands of IT jobs :

Search thousands of IT jobs:

Advanced search

Hiring now on ComputingCareers:

Related IT jobs

More IT jobs

Search thousands of IT jobs :

Search thousands of IT jobs:

Advanced search

Advertisement

Newsletter signup

Sign up for our range of FREE newsletters:

Existing User

Newsletter user login:

Enter email address to edit your newsletter preferences

Watch

Shaun Nichols and Iain Thomson

10 Oct 2008

7.33 MBPodcast Special: Views from the Valley More...

Podcast image

09 Oct 2008

12.99 MBComputing podcast - IT implications of the banking crisis, and the FSA clamps down on IT security More...

Shaun Nichols and Iain Thomson

03 Oct 2008

6.49 MBPodcast Special: Views from the Valley More...

Listen to more

Poll

Google Android

Google Android

Are you intending to try out a Google Android mobile phone?

Previous poll results

Spotlight

Ministry of Defence

MoD data loss total could hit 1.7 million

New figures far higher than initial estimates   More...

Sun Microsystems

Sun Sparc server shatters seven standards

T5440 sets new benchmark records   More...

Gary McKinnon

Home Office turns down latest McKinnon appeal

Home Secretary informs lawyers of arrangements for US extradition   More...

Network cables

Network Instruments touts nanosecond apps troubleshooting

Observer 13 offers upgraded performance and forensic network analysis   More...

Primary Navigation