Presentation is loading. Please wait.

Presentation is loading. Please wait.

What can “Economics of Information Security” do for SMEs Richard Henson, University of Worcester Bruce Hallas, Marmalade Box

Published byFranklin Harrison Modified over 8 years ago

Similar presentations

Presentation on theme: "What can “Economics of Information Security” do for SMEs Richard Henson, University of Worcester Bruce Hallas, Marmalade Box"— Presentation transcript:

1 What can “Economics of Information Security” do for SMEs Richard Henson, University of Worcester r.henson@worc.ac.uk Bruce Hallas, Marmalade Box bruce.hallas@marmaladebox.com

2 Objectives Sum up the lack of research Interest to date in certification and especially SME certification Sum up the lack of research Interest to date in certification and especially SME certification Identify how “Economics of Information Security” research could really help SMEs Identify how “Economics of Information Security” research could really help SMEs Propose examples of assistance that could be provided Propose examples of assistance that could be provided

3 Measures on Certification ISO27001 certificates awarded all meticulously recorded ISO27001 certificates awarded all meticulously recorded Shows very wide discrepancies across countries Shows very wide discrepancies across countries Mostly NOT SMEs, but comparison interesting Mostly NOT SMEs, but comparison interesting totals for whole countries may be cause for congratulation/concern totals for whole countries may be cause for congratulation/concern

4 UK SMEs and Certification Practitioner experience suggests that SMES only getting ISO27001 certified if required to by supply chain partners: Practitioner experience suggests that SMES only getting ISO27001 certified if required to by supply chain partners: Question: why not doing so because it will improve their business? Question: why not doing so because it will improve their business? Research (Worcester Business School, small sample, regional) Research (Worcester Business School, small sample, regional) –7% of SMEs been approached by corporate partners about ISO27001 (need advice… not just from consultants) –even lower figures for IS policy than BERR UK survey 2008 (42%, compared to 54%) –28% aware of PCI DSS –full results will be available once fully analysed… Is the recession effectively pushing SMEs backwards in terms of security safeguards? Is the recession effectively pushing SMEs backwards in terms of security safeguards? –if so, why is this a concern?

5 What can EIS studies do for SMES SMEs very concerned about: SMEs very concerned about: –efficient use of resources –ROI –Reputation Also could be persuaded about: Also could be persuaded about: –information risk management –keeping legal EIS studies could provide useful guidance information for all of the above EIS studies could provide useful guidance information for all of the above –Provided pointers towards calculation of value of corporate data –Govt agencies would especially like also to see a value for typical records of personal data… Easier to justify a ROI of £2000 on improving security procedures if value of 1000 records perceived at £50000… Easier to justify a ROI of £2000 on improving security procedures if value of 1000 records perceived at £50000…

6 Do SMEs matter? More than we all realise… More than we all realise… –In UK 99% of all businesses 99% of all businesses 50% of GDP 50% of GDP –Increasing linking into national (global?) supply chain as they increasingly engage electronically with corporate partners UK govt recognises the problem UK govt recognises the problem –not much of a rush for a solution –hence the call to colleagues researching in EIS We neglect SMEs at our peril… We neglect SMEs at our peril… –“weakest link” etc… –easy prey for cyberattacks

Download ppt "What can “Economics of Information Security” do for SMEs Richard Henson, University of Worcester Bruce Hallas, Marmalade Box"

Similar presentations

CSO/NGO Consultations Report to IATI Signatories, Partner Countries and Steering Committee Paris, 4 July 2011.

CSO/NGO Consultations Report to IATI Signatories, Partner Countries and Steering Committee Paris, 4 July 2011.
Kevin Morley MBA Head of ICT Policy The Review of the North West Regional Strategy for Information Communication Technology 01925.

Kevin Morley MBA Head of ICT Policy The Review of the North West Regional Strategy for Information Communication Technology
Business and Environment Management Scheme (BeMS) Mathonwy Suter.

Business and Environment Management Scheme (BeMS) Mathonwy Suter.
Principle 2 Promoting the public good. Because the public sector is the mechanism through which governments deliver programs and services for the benefit.

Principle 2 Promoting the public good. Because the public sector is the mechanism through which governments deliver programs and services for the benefit.
A tool to help SMEs access trading markets in Asia Pacific.

A tool to help SMEs access trading markets in Asia Pacific.
Goods for Processing / Toll Processing … a pragmatic approach What is toll processing? Why is toll processing used? What is the problem? How has ONS dealt.

Goods for Processing / Toll Processing … a pragmatic approach What is toll processing? Why is toll processing used? What is the problem? How has ONS dealt.
Benefits and Challenges of University - Industry Interactions: A Critical Perspective Jeremy Howells, Ronnie Ramlogan and Shu-Li Cheng Manchester Institute.

Benefits and Challenges of University - Industry Interactions: A Critical Perspective Jeremy Howells, Ronnie Ramlogan and Shu-Li Cheng Manchester Institute.
1 L’Internet au service des PME Paris (France), 8-9 février 1999 Workshop 1 How to stimulate demand for Internet services among SME’s? Workshop results.

1 L’Internet au service des PME Paris (France), 8-9 février 1999 Workshop 1 How to stimulate demand for Internet services among SME’s? Workshop results.
Tackling drug related litter – Guidance and good practice

Tackling drug related litter – Guidance and good practice
Carbon Footprint Ltd www.carbonfootprint.com © Carbon Footprint Ltd 2014 Environmental Management Systems (EMS) What they are, how to get one and how to.

Carbon Footprint Ltd © Carbon Footprint Ltd 2014 Environmental Management Systems (EMS) What they are, how to get one and how to.
> a patent search service supplied by Patents & Technology Surveys Ltd PROFESSIONAL ONLINE PATENT INFORMATION SERVICE.

> a patent search service supplied by Patents & Technology Surveys Ltd PROFESSIONAL ONLINE PATENT INFORMATION SERVICE.
SSCL COPORATE FUNCTIONAL SAFETY MANAGEMENT Chris Goring Safety Systems Consultants Ltd.

SSCL COPORATE FUNCTIONAL SAFETY MANAGEMENT Chris Goring Safety Systems Consultants Ltd.
The European Commission's Approach to Responsible Business: Towards a 2016-2020 strategy on Corporate Social Responsibility.

The European Commission's Approach to Responsible Business: Towards a strategy on Corporate Social Responsibility.
Insert Date and location

Insert Date and location
Richard Angliss Home Buyer Systems Home Buyer Systems The ‘Next Generation’ The ‘Next Generation’ Sourcing System Sourcing System.

Richard Angliss Home Buyer Systems Home Buyer Systems The ‘Next Generation’ The ‘Next Generation’ Sourcing System Sourcing System.
In conjunction with Minimising Risk, Maximising Benefit - EAUC 10th Annual Conference NetRegs: Environmental Compliance Help for Universities and Colleges.

In conjunction with Minimising Risk, Maximising Benefit - EAUC 10th Annual Conference NetRegs: Environmental Compliance Help for Universities and Colleges.
Metal Industries 2012 * Structure and current developments Crisis and transformation Situation of the MET industries Labour Market: main developments Major.

Metal Industries 2012 * Structure and current developments Crisis and transformation Situation of the MET industries Labour Market: main developments Major.
SMEs, and efforts to safeguard their Information Richard Henson Worcester Business School May 2009.

SMEs, and efforts to safeguard their Information Richard Henson Worcester Business School May 2009.
Small Business Act Principle X: Encourage and support SMEs to benefit from the growth of global markets By Igor J. Mitroczuk PhD Econ.

Small Business Act Principle X: Encourage and support SMEs to benefit from the growth of global markets By Igor J. Mitroczuk PhD Econ.
Comparing Apples with Apples The Value of Environmental Management System Certification Kim Kelleher.

Comparing Apples with Apples The Value of Environmental Management System Certification Kim Kelleher.

Similar presentations

Ads by Google