Commenting on a weekend report in the Guardian newspaper about a journalist whose email account was held to ransom, the organisers of the Infosecurity Europe show say that the case highlights the need for better education on the IT security front for members of staff in organisations of all sizes.
According to Claire Sellick, the show's Event Director, the journalist concerned had probably `clicked through' on a link which infected her computer, allowing the hacker remote access to her Gmail account. "This was, of course, only a personal email account. You can image the chaos that would ensue had the hacker gained access to an admin or sub-admin account for a corporate, as several hundred - or thousand - users could have been affected. Our observations amongst the many tens of thousands of visitors to the Infosecurity Europe exhibition each spring, however, suggest that it is the staff within mid-sized companies that need education about the `total security picture' for their IT systems."
The show director went on to say that, where smaller firms are concerned, since they tend to use low-cost and even free self-service accounts - their access to support services when serious information security issues do arise, as happened in this case, tends to be limited. Sellick says that the case also highlights the fact that, whilst the blackmailed journalist writes about political matters for the Guardian, the FT and the Statesman, you clearly cannot expect her to be fully conversant with the latest aspects of IT security. Nor, in fact, she explained, can one expect most people - even inside of IT security - to be totally up-to-speed on the latest threats to their organisation's digital assets. This is where Infosecurity Europe's popular education programme enters the frame.
The Infosecurity Europe event director says that one of the most popular features of the event continues to be the free educational programme - with leading IT security professionals sharing their knowledge and expertise in a wide selection of seminars and panel discussions for attendees.
"One feature of the attendances at the April 2011 event was that many professionals were in an area of management which was not directly involved with IT security on a day-to-day basis, reflecting the fact that IT has become pervasive in business generally." Said Sellek, "but just because IT has become so integral to modern business does not mean that an understanding of IT security goes with that pervasiveness. This is why the next Infosecurity Europe event - which takes place at London's Earls Court on the 24/26 April 2012 - will feature a free education programme as one of the key attractions."
"This isn't to say that education would have prevented this journalist from having her mailbox held to ransom for £500.00. Our observations, however, suggest that education could have prevented the unfortunate situation from happening in the first place." She added.