§ The Earl of Northesk
asked Her Majesty's Government:
How they intend to respond to the recent survey from the SAS Institute revealing that 62 per cent of top tier companies across all sectors in the United Kingdom have no measures in place to combat Internet fraud. [HL4599]
§ Lord Sainsbury of Turville
This seems to confirm the findings of our own survey on information security breaches, which the DTI published in April 2000, where a thousand organisations of all sizes and across a range of sectors were interviewed. Internet security is clearly a matter for business but the Department of Trade and Industry promotes good information security practice to UK business. In particular, the department has promoted the use of British Standard 7799, which gives a management and organisational framework for implementing best practice in information security. This framework is grounded in the assessment of risk and the application of appropriate controls to counter those risks.