Data Security Challenges

Article of the month

Helsinki, 1 January, 2003 — Information technology is an important part of our life, no matter how we look at it. Computers control finances, traffic, energy maintenance, and our communication and leisure time. The Internet has removed borders from our world: information networks cross boundaries and are inter-connected. Failures in information systems and networks cause substantial economic damage and may, in the worst case, paralyze essential functions in our society.

Information technology is an important part of our life, no matter how we look at it. Computers control finances, traffic, energy maintenance, and our communication and leisure time. The Internet has removed borders from our world: information networks cross boundaries and are inter-connected. Failures in information systems and networks cause substantial economic damage and may, in the worst case, paralyze essential functions in our society.

“Currently, we live in a world where key change factors include globalization and strive for integration and openness, networking and increased interaction. We are in the middle of a transition period, which cannot be directly compared to anything in past history. As for the extent of this transition, we do know that it will affect the way we work, communicate, express ourselves, consume and spend our spare time. We also know that the social effect of this phenomenon has been compared to industrialization and the introduction of electricity. We are on the first steps of the information society," says Juhapekka Ristola, Ministerial Adviser at the Department of Communication Market in the Finnish Ministry of Transport and Communications.

Ristola continues: “One of the greatest challenges for us in Europe is to monitor the impact resulting from the new technology and to find a meaningful balance between new services and benefits that need to be secured. We should encourage the development of new businesses instead of suppressing them before they come into being. What we need for innovative service development is AirBag-thinking: New services must contain accomplished and modern security features. On the EU level we should promote a dialog encouraging an atmosphere that is benign to developers. It is advisable to develop new technologies and put them into operation in a balanced way both from the point of view of constitutional rights as well as the other user requirements. When developing new services, such fundamental ideas as privacy, confidentiality of communicating and data security, must be considered equally. The United States today holds a strong position in hardware and content creation and will presumably maintain this position also in the future. Europe must work hard to reduce this gap. This requires that we develop our innovative capacities while we cannot expect any short-term gains."

Awareness about the necessity of data security has grown world-wide along with recent virus threats, hacker attacks and terrorism. The European Commission is preparing a proposal for the foundation of a Cyber Security Task Force. The task force will act as a specialist function collecting and communicating information, which means that there will be one institution coordinating data security issues on the EU level. After the terrorist attack of September 2001, the United States started developing its National Strategy to Secure Cyberspace initiative. The strategy will be all-encompassing, because information and ideas will be collected from all business sectors. The Internet site of the Federal Trade Commission of the United States offers guidance about the importance of data security in ordinary applications and everyday life as related to companies, private consumers and children. The OECD countries have created specific "Guidelines for the Security of Information Systems and Networks."

Finland is one of the forerunners in data security; a Finnish advisory committee on data security was the first in the world to publish a data security report covering a national society as a whole. The report serves as a basis for a security strategy, which will be completed by the end of the year; the strategy is also one of the first country-specific strategies in the world. Countries are aware that security is an important task, but it is up to individuals and organizations to improve the security of IT networks.

The holiday season is over and it is an appropriate time for us all to make sure our systems are secured.

Jaana Sirkiä
F-Secure

More information
jaana.sirkia@F-Secure.com
http://www.europe.f-secure.com/