The European e-Business Report The European e ... - empirica

More documents

Recommendations

Info

The European E-Business Report 2005 The opposite factors may contribute to the relatively low level of incidence in the construction and food and beverages sectors: a low level of ICT use and physical rather than virtual outputs offer less opportunity for ICT-based threat. In addition, in both cases there are a relatively small number of clients involved in any time period. Exhibit 1.6-2: Average rate of security incidents causing significant damage to business per annum Exhibit 1.6-3: Mean time between security incidents causing significant damage to business (years) Construction Food Automotive Publishing Pharma Aeronautics Textile Machinery Tourism IT services 0,00 0,25 0,50 0,75 1,00 Construction Food Automotive Publishing Pharma Aeronautics Textile Machinery Tourism IT services 0,00 1,00 2,00 3,00 4,00 Based on unweighted figures. Source: e-Business W@tch (e-Business Survey 2005) However, this overall picture masks considerable and interesting divergence across the specific security domains. For instance, the automotive sector is an interesting case, exhibiting very low levels of incidence of both hardware and software malfunction. It is probable that large manufacturers in the sector are being particularly effective at setting standards for hardware and software and ensuring that quality hardware/software solutions are introduced into and used throughout their supply chain. This would have the effect of improving the resilience of smaller enterprises in the sector to this kind of security threat, and it may well be that other sectors could learn lessons from the automotive industry. At the same time the sector was found to have a particularly high incidence of damage from spamming, and it appears that no sector can lay claim to universal best practice in avoiding damage from security-related threats. 45
The European E-Business Report 2005 1.6.2 Deployment of ICT security controls e-Business W@tch asked companies in the 2005 survey which security controls and measures they applied to counter ICT security threats. 36 The analysis shows that basic components such as firewalls and secure servers – for those enterprises requiring these – already exhibit high levels of penetration. Major deficits in security controls in European enterprise are evident in the low levels of reported application of data encryption, which is generally regarded as essential in distributed and mobile computing environments. The yet lower levels of deployment of public key infrastructure could represent an obstacle in the evolution of interoperable solutions for many e-business processes, particularly those with strong contractual content such as the transfer and agreement of large liabilities. Exhibit 1.6-4: Prevalence of ICT security measures by size-band 0 20 40 60 80 100 Firewall 75 Secure server technology 42 Company rules: encryption 31 Company rules: digital signature 20 IT security policy 48 Disaster recovery plan 55 Risk assessment Information security management Staff-training in information security 25 29 33 Total (10 sectors, EU-7) Base: All enterprises using computers. N = 5218. In "% of employment", i.e. firms representing …% of employment. Source: e-Business W@tch (e-Business Survey 2005) Given the importance of the human factor in breaches of security, the low proportion of enterprises reporting that they train their staff in security awareness, carry out risk assessment or, in particular, have put a security management system in place, should be a cause for concern among policy makers. Though the proportion of larger enterprises which have drafted disaster recovery plans and developed a security policy is over 70% (in each case), the picture is much bleaker among smaller businesses. Only 21% or 32% respectively of micro- and small enterprises report having an ICT security policy in place (see Exhibit 1.6-5), despite strong consensus among security consultants and standards-setting bodies that such planning is essential in building a proper response to security threats. The lower levels of control deployment found in smaller enterprises have a clear economic foundation. The ability to profitably deploy resources in combating security threats tends to be a function of the size of a business, particularly where in larger enterprises key ICT functions are centralised. These economies of scale can be clearly seen in the behaviour of enterprises in respect of the security controls included in the survey. 36 The question was: "Does your company have any of the following IT security measures in place? Do you have / use … [item]?" A list of 9 items (see Exhibit 1.6-4) was offered. 46
Page 1 and 2:
The European e-Business Report 2005
Page 3 and 4:
The e-Business W@tch The European C
Page 5 and 6:
The European E-Business Report 2005
Page 7 and 8:
Page 9 and 10:
Page 11 and 12:
Page 13 and 14:
Page 15 and 16: The European E-Business Report 2005
Page 17 and 18: 16 The European E-Business Report 2
Page 19 and 20: The European e-Business W@tch Secti
Page 51 and 52: Types of ICT solutions used and pro
Page 65: The European E-Business Report 2005
Page 117 and 118:
Page 119 and 120:
Page 121 and 122:
Page 123 and 124:
Page 125 and 126:
104 The European E-Business Report
Page 127 and 128:
Page 129 and 130:
Page 131 and 132:
Page 133 and 134:
Page 135 and 136:
Page 137 and 138:
Page 139 and 140:
Page 141 and 142:
Page 143 and 144:
Page 145 and 146:
Page 147 and 148:
Page 149 and 150:
Page 151 and 152:
Page 153 and 154:
Page 155 and 156:
Page 157 and 158:
Page 159 and 160:
Page 161 and 162:
Page 163 and 164:
Page 165 and 166:
Page 167 and 168:
Page 169 and 170:
Page 171 and 172:
Page 173 and 174:
Page 175 and 176:
Page 177 and 178:
Page 179 and 180:
Page 181 and 182:
Page 183 and 184:
Page 185 and 186:
Page 187 and 188:
Page 189 and 190:
Page 191 and 192:
Page 193 and 194:
Page 195 and 196:
Exhibit 3.2-1: Greek information so
Page 197 and 198:
Page 199 and 200:
Page 201 and 202:
Page 203 and 204:
Page 205 and 206:
Page 207 and 208:
Page 209 and 210:
Page 211 and 212:
Page 213 and 214:
Page 215 and 216:
Page 217 and 218:
Page 219 and 220:
Page 221 and 222:
Page 223 and 224:
Page 225 and 226:
Page 227 and 228:
Page 229 and 230:
Page 231 and 232:
Page 233 and 234:
Page 235 and 236:
The E-Business Scoreboard - a two-l
Page 237:
Contact information e-Business W@tc
show all

The European e-Business Report The European e ... - empirica

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?