WCIT MONITOR Issue 60 Nov 2013 | Page 5

NEWS Information Technologists’ Company contract) to coerce co-operation from those whose services they use, remains, by comparison, trivial. The costs incurred by those who have to reimburse the victims of on-line banking scams (UK law is different to that of the US), are, however, rising sharply. But those costs are very much less than those that are incurred when customers lose confidence in dealing with you on-line. The banking crisis and related scandals (from Mortgage Fraud to Libor) can be seen as a failure of information governance. The ? systemic weaknesses which enable criminals to organise computer assisted fraud often arise from similar failures of technology governance. Both sets of failure cross ? professional, cultural and regulatory boundaries while sharing common “the value of lost transactions, because consumers gave up on fighting their way through the security questions, was double that of known losses to theft and fraud” A recent survey by the British Retail Consortium indicated that the value of lost transactions, because consumers gave up on fighting their way through the security questions, was double that of known losses to theft and fraud. At a recent conference a main Board Director from a major bank lamented the failure of security experts to work with colleagues in marketing to give him joined up business cases. He gave the example of security wanting to monitor all transactions to spot changes in customer behaviour which might indicate fraud. Marketing wanted to monitor them for changes which might indicate that customers were about to defect. Why could they not talk to each other? characteristics. after the security of the organisation? How do you select, train, motivate and update them, while ensuring their loyalty and discretion? How do you make it easier to use trustworthy products, services and suppliers? Most attempts, to date, by “experts” to look at such questions fail. The commonly simplify issues down to those with which they are comfortable and where they believe they can produce results and then dive down into the detail. Most appear to assume that some-one else (“The Board”) is looking at the whole picture and will put their contribution into perspective. Hence the reason that the Security Panel is working with the Ethical and Spiritual Panel, the City Values Forum, the Digital Policy Alliance and others to enlist the assistance of the thought leaders of the future, alias the brightest and best of the graduate students of today. So how do we bring about the changes in attitude and behaviour necessary to ensure that business operations can be globally trusted? The first step is a pilot competition for Masters students at sixteen universities, co-ordinated by new WCIT Freeman Kevin ? What are the standards against which Jones at City University. This is being run conduct should be measured? under the umbrella of the Cyber Security ? How should that conduct be judged and by Challenge, to reduce costs and risk and enable co-operation with those looking at wider areas whom? Is technical innovation required? of on-line risk. ? What part, if any, does regulation have a part to play? ? How do you decide who you trust to look Competition for Ideas to Improve On-line Trust and Confidence T his is a three year exercise in response to a request from the City Values Forum to apply “my word is my bond” to the on-line world. The pilot exercise is a Gold Stream within the Cyber Security challenge, assisted by the BCS, CPHC, DPA, IET and others. Masters students at sixteen universities, co-ordinated by Kevin Jones at City University, have been asked to address the people (ethics, motivation and skills), process (including governance) and technology (including security and resilience) issues that underpin trust online. The measures of success relate to. ? Ideas that help position London and the UK at the heart of a trusted on-line world. ? Enhanced co-operation between universities and employers ? Securing the support necessary to get a band-wagon rolling for years two and three. E-mail [email protected] , [email protected] or [email protected] to join the supporters and Sponsors. Page 5