Should all sites carry security advice?

The ISAF (Information Security Awareness Forum) is taking several steps towards preventing internet security breaches in the future, including talks of a mandated report system for security questions on popular websites and future meetings with other large security organizations.

According to ISAF chairman, Dr David King, one of the main problems facing users on the web today is that even if they are suspicious of websites that may look ‘off,’ or hacked into, there is no way for the average user to report an alleged security attack.

King stated that the ISAF believes that every web page that can be subject to attack, abuse, or fraud such as social networking sites, e-commerce sites, and gaming sites, should have to include a ‘security advice’ page informing consumers on how to report incidents so that larger cases of misuse can be caught swiftly before too many people are affected.

To talk about this issue and many more serious security breaches in which security awareness was the root of problems, such as the TJX breach which resulted in comprising around 96m credit card details, the ISAF launched a meeting in London that included representatives from the BCS, EURIM, and the web campaign Get Safe Online among others.

At the opening of the meeting Dr King stated that business and all organizations need to be aware of how large of an issue security awareness is for any corporation that is privy to private information.

He pointed to a change of behaviour in the way security is addressed inside organizations as the key factor in a securer technological future.

Story link: Should all sites carry security advice?