3 in 5 British firms suffer security breach - report

Report suggests British business is far from being ready to go online. Will Knight reports

As many as three in five British businesses have experienced a computer-related security breach in the last two years, according a new technical report into information security to be published next week.

The growing number of high-profile computer hacking cases, especially those involving the theft of credit-card and other personal information, are apparently just the tip of the iceberg when it comes to malicious or unauthorised computer activity.

The Information Security Breaches Survey 2000,commissioned by the Department of Trade and Industry as well a number of major British businesses, canvassed 1000 "demographically representative" British organisations on their computer security history and found evidence of malicious hacking on a grand scale.

43% of organisations possessing highly sensitive information confessed to having experienced an "extremely serious" security breach during the past two years.

The report also found evidence of lax security provisions. It discovered that only one in seven businesses questioned, had any sort of formal information security measures in place. It concluded however that the greatest threat to a company's computer security comes not from malicious hackers but from within a company itself, where individuals act in error.

This comes when as many as one in three British businesses are already involved in or planning to get involved with e-commerce.

One of the sponsors of the report, Axent Technologies, issued a statement criticising British companies that reads, "This report shows that to date, British companies have let security escape them. We have a long way to go before we can truly provide a secure Internet environment."

This report will be officially published next week at InfoSec, a national conference on computer security held in London. At the conference e-Minister Patricia Hewitt and others will address industry representatives on the issue of securing e-business.