Following a 10-month inquiry, the Home Affairs Select Committee has published its first ever report into e-crime on 30 July 2013, and it makes for rather alarming reading.
The National Security Strategy has designated e-crime as a “Tier One” threat to the UK, a higher category even than nuclear attack. E-crime expert witness and City of London Police Commissioner Adrian Leppard told the MPs that “we are not winning [the war on e-crime]. I do not think we are winning globally, and I think this nature of crime is rising exponentially.” The Committee concluded that “at a time when fraud and e-crime is going up, the capability of the country to address it is going down.”
The cost of business of e-crime
This is a challenge for the government, for <st2:PolicySmartTags.CWSPolicyTagAction_6 TagType=”5″>private individuals, and for companies – from sole traders and SMEs to national and international corporations. The report cited the recent experience of Sony: “The financial details of 23,000 users of Sony Online Entertainment were stolen when its networks were breached by hackers in March 2011. The cost of the clean-up was reportedly $172m, and the events caused a 9 % share price drop.”
Looking closer to home, the report highlighted the findings of the British Retail Consortium’s 2011-12 Crime Survey, which found the cost of e-crime to UK retailers was over £200 million. This may be a conservative estimate, as it is thought that a huge proportion of e-crime goes unreported or even undetected.
Further written evidence made reference to the findings of a 2011 Cabinet Office report, The Cost of Cyber Crime, which found that while the government and the citizen are affected by rising levels of e-crime (at an estimated cost of £2.2 billion and £3.1 billion respectively), business bears the lion’s share, at a total estimated cost of £21 billion per annum.
The report’s recommendations
The Committee calls for a dedicated cyber-espionage team to respond to attacks, and the UK government has already announced that a National Cybercrime Unit will be formed later this year as part of the new National Crime Agency.
However the very nature of the threat means that businesses must take responsibility for the security of their own IT infrastructure and working practices. Prevention is better than cure, and today’s report serves as a reminder that constant vigilance is necessary in the “e-wars” against IP theft and espionage.
Our expertise
Brodies is home to the only team in Scotland to be recommended by Chambers & Partners for advice on data protection law.
Our team regularly advises organisations on data protection law compliance and information security and the steps that can be taken to help reduce an organisation’s exposure to e-crime. We advise on both internal policies and procedures (including steps taken to help an organisation achieve ISO 27001 compliance) and the contractual protections that need to be put in place when outsourcing services or procuring ICT.
To find out more, contact Grant Campbell or Martin Sloan, or visit our sector page on the Brodies website.
You can also find out more about e-crime and the measures that you can take to protect your organisation by visiting The Scottish Business Resilience Centre’s website:
http://www.ecrimescotland.org.uk
Paul Breen (with help from Gordon Stevenson, summer student)
The post Select Committee publishes report into e-crime appeared first on Brodies LLP Legal Resource Area.
