Security: What is Being Done?Security: What is Being Done?
Peter CoroneosChief ExecutiveInternet Industry Association (IIA)
AVAR ConferenceSydney November 7, 2003
Australia’s national internet industry organisation (est.1995)Australia’s national internet industry organisation (est.1995) Over 300 members include... Over 300 members include...
- telecommunications carriers - telecommunications carriers - web and software developers- web and software developers
- content creators and publishers - content creators and publishers - internet service providers- internet service providers
- educational & training firms - educational & training firms - local government agencies- local government agencies
- law firms - law firms - portal sites- portal sites
- internet research analysts- internet research analysts - hardware vendors - hardware vendors
- banks & insurance companies- banks & insurance companies - online advertisers - online advertisers
- systems integrators- systems integrators - internet security providers- internet security providers
- and businesses doing, or helping others to do e-commerce- and businesses doing, or helping others to do e-commerce
About the IIAAbout the IIA
As a voice for the industry, the IIA provides As a voice for the industry, the IIA provides policy input to government and advocacy on a policy input to government and advocacy on a range of business and regulatory issues, to range of business and regulatory issues, to promote laws and initiatives which enhance promote laws and initiatives which enhance access, equity, reliability and growth of the access, equity, reliability and growth of the medium within Australia.medium within Australia.
Our missionOur mission
Malicious CodeMalicious Code Hybridisation Crossing the device threshold
The sociopathology of malicious code writers- focus on prevention by addressing motivation
and deterence
Who bears the responsibility in a culture of security?
InitiativesInitiatives
IIA SME Security portal IIA Cybercrime Code IIA National Spam Initiative Spam Legislation Global Spam Campaign
Spam: the cause and its effect are Spam: the cause and its effect are economiceconomic
More than 50% of all email is now junk (8% in 2001)
US$8.9 billion cost to US corporations in 2002 cost to Australian business A$915 per employee
pa cost to spammers .000030 per email plus .00032
per address 70% is illegal under current laws US$3.2 billion pa revenues from porn spam
Spam: the extent of the problem Spam: the extent of the problem (2)(2)
Nigerian advance scam will gross US$2 bill. In 2003 28% of users reply to spam 8% have purchased from spam 4.5 seconds per spam wasted corporate time 16% change email addresses due to spam 1 in 145 spams carry viruses only 8% believe the media exaggerates spam
problem
The global solution has four The global solution has four elementselements
legislation industry action end user empowerment international cooperation
Australian legislation will pass this Australian legislation will pass this yearyear
opt in regime with few exceptions infringement notices issued by ACA; enforced
by FCA heavy penalties limited exemptions anti harvesting provisions strong information requirements
www.iia.net.au/nospam
Users are most concerned about...Users are most concerned about...
computer virusescomputer viruses spamspam privacy privacy security of transactionssecurity of transactions response timesresponse times cost of accesscost of access cost of upgrading cost of upgrading
hardwarehardware
%
2515111110
93
Source: ACNielsen.consult Australian Online User Study #10 (n = 34,643)
www.iia.net.au