IAAC: UK moves to protect information infrastructures

Story Filed: Tuesday, March 21, 2000 11:53 AM EST

MAR 21, 2000, M2 Communications - The Information Assurance Advisory Council (IAAC) is being formally launched on Tuesday 21 March at a breakfast meeting attended by senior representatives of government, commerce and academia. Keynote speakers include Prof. Lawrence Freedman (King's College), Prof. Jim Norton (IoD) and Mr Mark Gladwyn (Central IT Unit, The Cabinet Office).

The IAAC is now open for membership from UK-based companies and Central and Local Government departments. Members will receive the latest information on Information Assurance as well as benefiting from IAAC research. They will also be able to influence Government policy in this vitally important arena.

Leading UK companies, including BT, the Post Office and BAE SYSTEMS, along with the Cabinet Office, the Communications-Electronic Security Group (CESG) and King's College London have come together to create the IAAC for the benefit of secure e-business. This is the first such organisation in the world.

Speaking at a recent London conference on Information Infrastructure Protection, the Leader of the House the Rt Hon Margaret Beckett PC MP stated that:

"Information Infrastructure Protection... keeping our 'phones, power, utilities, finance, transport, Government safe and protected... is the new challenge for this Millennium"

The Prime Minister has declared that the UK has to be "the best place in the world for e-commerce" but that "we need to create an environment where people can have trust in the new medium" since e-commerce poses "enormous opportunities and threats." However: "the Government alone cannot drive forward the development of e-commerce. What is needed is a sustained joint campaign between Government and business to ensure that we reap the benefits"

The formation of the Information Assurance Advisory Council is the clearest proof that the major players (in this unique Public:Private:Academic Partnership) are determined to ensure that joint action is taken for the benefit of the UK as a whole, and also for the benefit of the global e-economy. The UK is correctly regarded as taking an international lead in this policy arena and the formation of the IAAC is proof of this continuing commitment.

NOTES TO EDITORS

What is IAAC?

The Information Assurance Advisory Council (IAAC) is an independent, membership forum supported by industry and central government. The Council is being formed in response to growing concerns over the trustworthiness and reliability of the information infrastructures that underpin the economy, government and vital social services in the UK and partner nations. It will provide a focus for the development of national and international policies on information assurance and critical infrastructure protection.

What is the Launch Event?

The Information Assurance Advisory Council will be launched at an invitation only breakfast seminar on Tuesday 21 March 2000 at King's College London. The launch will feature presentations by:

Professor Lawrence Freedman, King's College London: "Security in the Electronic Age"

Professor Jim Norton, Institute of Directors: "E-Business: Risks & Requirements"

Mr Mark Gladwyn, Central IT Unit, Cabinet Office: "E-Government: Risks and Requirements"

Who are the Government Sponsors?

Cabinet Office ( www.cabinet-office.gov.uk)

The Cabinet Office has been responsible for co-ordinating government policy on Critical National Infrastructure protection. This policy includes a commitment to responsible awareness raising initiatives in this area and to promoting information security best practice more broadly. Effective information security is also an e-commerce and e-government enabler. The Cabinet Office, therefore, welcomes the broadening of informed discussion and responsible engagement with this subject that can be facilitated by independent fora such as the IAAC.

Communications-Electronics Security Group (CESG) ( www.cesg.gov.uk)

CESG is the government's national technical authority on information security issues. Based in Cheltenham, it is the information security arm of GCHQ, and provides advice and assistance to government departments throughout the country, as well as to critical national infrastructure owners, either directly or through industry partnerships. CESG's own CNI work is part of a broader government effort to promote a safe e-business environment. It welcomes the arrival of IAAC to help foster informed debate and the building of trust among a wider circle of infrastructure stakeholders.

Who are the Industry Sponsors?

British Telecom ( www.bt.com)

BT recognises that both government and corporate customers are now asking for greater assurance concerning the security of communications products and services. It is essential to understand the risks and opportunities offered by new security technologies and BT invests significantly to ensure that its networks and services remain at the forefront in this challenging and evolving arena. BT is pleased to sponsor the IAAC as an innovative partnership between academia, industry and public policy makers.

The Post Office ( www.postoffice.co.uk)

The Post Office is building on over 300 years of experience of providing secure and reliable communications and is set to provide a range of secure communication and financial services for the Internet economy. The PO will also provide a means of delivery for electronic government services to the public.

BAE SYSTEMS ( www.baesystems.com)

BAE SYSTEMS has long experience of providing secure information systems that have contributed to UK national security and well-being. BAE SYSTEMS recognises the importance of supporting a cross-sectoral community that seeks to promote research, evolve policy, standards and regulation by a shared understanding of emerging threats and vulnerabilities.

Anite Government Systems Ltd ( www.anite.co.uk)

Anite Government Systems Ltd (AGSL) is a wholly owned subsidiary of Anite Group PLC. AGSL provides IT consultancy and systems integration services to the following sectors: transport; electronic government; law enforcement and secure systems. AGSL has a particular interest in providing research and advice on information assurance for public sector clients.

iDEFENSE UK Ltd ( www.i-defense.com)

iDEFENSE-UK Ltd is a wholly owned subsidiary of iDEFENSE Inc, a US based company that provides unique Information Assurance and advisory services to e-Business and the Public Sector. It provides Alert, Warning and Mitigation advice on technical, personnel and strategic threats, vulnerabilities and risks to those dependent on an information infrastructure.

Symantec Corp (prev. L-3 Network Security) ( www.symantec.com)

L-3 Network Security has just (9 March) been acquired by Symantec Corp, thus creating an even stronger force in the field of Internet Security products and services. Their network risk management tool "Expert" provides corporate management with plain language information to make business decisions about their information security posture, whilst "Retriever" provides security managers with a pro-active network security tool.

Where is IAAC Based?

IAAC is hosted by King's College London.

International Centre for Security Analysis ( www.icsa.ac.uk)

Based at King's College London, ICSA is an international centre of excellence that conducts research on the policy and technological implications of information assurance. ICSA addresses both the economic and defence aspects of the threats posed by electronic attack. ICSA is hosting the IAAC in order to enhance its research base and to strengthen links between academia and private and public sector end-users.

Who is on the IAAC Board?

IAAC policy is set by a board that includes one representative from each of the sponsoring organisations. Collectively, board members have a wealth of expertise and experience in the areas of e-business, e-government and information security.

Dr Andrew Rathmell (chairman) - Andrew is Executive Director of the International Centre for Security Analysis and a Senior Lecturer in the Department of War Studies, King's College London. Dr Rathmell is a widely published author and an active lecturer on issues relating to security in the Information Age. Recent publications include "International CIP Policy: Problems and Prospects," Elsevier Information Security Technical Report, Vol. 4, No. 3 (1999).

Edna Chivers (Cabinet Office) - Edna joined the Cabinet Office in 1997, having previously worked in a number of other central government departments. She is currently Head of Security Division and is responsible for the development of policy on all aspects of security within government. She has played a leading role in the development of government policy on critical infrastructure protection.

James Hodsdon (CESG) - James joined CESG at the time of government's major review of protective security in 1993 and has been helping develop Whitehall's information security risk-management policies ever since. His 1996 proposal for a national information assurance policy was a starting point for the government's current Critical National Infrastructure protection work. His CNI team now constitutes part of the resources of the recently established National Infrastructure Security Coordination Centre.

Brigadier (retd) John Almonds (BT) - John has served as BT's Director of Security since 1994. Prior to joining BT he had a distinguished career in the British Army, having been commissioned into the Royal Corps of Signals in 1961. He was promoted direct from Lieutenant Colonel to Brigadier at the early age of 43 in which rank he held a number of senior command and staff appointments, including: Commandant Schools of Signals, Blandford; Director Operational Requirements, MoD; Director, Army Information Strategy Study; and Chief of Staff, British Forces Cyprus. Amongst his other roles, he chairs the Selwyn House Committee, comprising the security heads of 20 FTSE 100 Companies.

David Lacey (Post Office) - David is Group Head of Information Security for the Post Office. He has extensive experience in information security management gained in both the public and private sectors. From 1989 to 1999, he was responsible for information security policy for the Royal Dutch/Shell Group. Prior to this he was Head of IT Security at the Foreign & Commonwealth Office. Amongst other things, he played a major part in the development of the BS7799.

Tim Parsons (BAE SYSTEMS) - Tim joined BAE SYSTEMS as a research scientist in 1980 and from 1993 onwards became involved with research programmes prototyping systems capable of supporting complex collaborative engineering design across extended virtual enterprises. In 1997 he joined the Future Systems Group at BAE SYSTEMS Headquarters where, as part of his responsibilities for corporate strategic development, he has sought to clarify the impact of Information Assurance on future business and information systems over the next two decades.

Lt Col Neil Fisher (Retd) (iDEFENSE) - Neil is Managing Director of iDEFENSE UK Ltd. Neil Fisher previously served as a Royal Signals Officer in the British Army where his last post was as Head of Information Assurance Policy and focus for Information Warfare in the UK Ministry of Defence.

Bernard James (Anite Govt Systems Ltd) - Bernard is a senior manager at Anite Government Systems and leads their Secure Systems Group, which provides IT services to Central Government departments. He currently leads research teams investigating network intrusion detection technologies and computer based fraud detection technologies, in partnership with academia and the Government. He joined Anite in 1987 and has managed a wide range of IT projects.

Michael Harrison Dip M., FCIM (Symantec Corp) - Michael has worked at director and CEO level in organisations such as Hawker Siddeley, BT, NatWest, The Raytheon Company and L-3 Communications. Having carried out business activities in 29 countries, he formed Harrison Smith Associates Limited in 1991 as a Marketing Consultancy, Communications and Conferences Group. Michael represents Symantec on the IAAC Board.

What Does IAAC Do?

The Council is dedicated to the provision of objective research and analysis into the national and international policy implications of protecting the critical information infrastructures that underpin the e-business and e-government revolution. IAAC's activities include:

regular seminars, workshops and symposia in which government officials and private sector representatives can jointly develop policies to protect critical infrastructures

innovative research on information assurance policies

IAAC will publish research papers and briefing documents. IAAC's discussion fora are however open only to members and are conducted under Chatham House Rules.

Who Can Join?

IAAC's members will enjoy:

a unique opportunity to participate in the development of national and international policy on critical infrastructure protection at the highest levels

access to state of the art research and innovative thinking on information assurance policies world-wide

Membership is open to any organisation playing a key role in the information infrastructures upon which the Information Economy and Information Society are increasingly coming to rely. Membership applications are subject to approval by the IAAC Board. Candidates for membership must fulfill two criteria:

Members must be able to contribute constructively to discussions and policy formulation within IAAC and so must have specialised knowledge or expertise of relevance to IAAC's work

Members must be able to contribute to the building of trusted partnerships between industrial and government sectors

Copyright 1994-2000 M2 COMMUNICATIONS LTD CONTACT: Press officer, IAAC Tel: +44 (0)207 848 1395 Fax: +44 (0)207 848 2972 e-mail: iaac@kcl.ac.uk Michael Upton, Cabinet Office Tel: +44 (0)207 270 1271 e-mail: mupton@cabinet-office.x.gsi.gov.uk Tim Hunt, Cabinet Office Tel: +44 (0)207 270 0079 e-mail: thunt@cabinet-office.x.gsi.gov.uk Peter Kinsella, Head of Newsroom, British Telecom Tel: +44 (0)207 356 5370 Nicholas Lillitos, Head of News, PO Group Centre, The Post Office Tel: +44 (0)20 7250 2555 Fax: +44 (0)20 7250 2244 e-mail: nick.lillitos@postoffice.co.uk The Press Office, BAE Systems Tel: +44 (0)1252 373232 Jerry Irvine/Allison Bozniak, iDEFENSE e-mail: jirvine@idefense.com e-mail: ABozniak@idefense.com

((M2 Communications Ltd disclaims all liability for information provided within M2 PressWIRE. Data supplied by named party/parties. Further information on M2 PressWIRE can be obtained at

http://www.presswire.net on the world wide web. Inquiries to info@m2.com)).

Copyright ) 2000, M2 Communications Ltd., all rights reserved.

http://library.northernlight.com/FB20000321810000091.html?cb=0&dx=1006&sc=0#doc

-- Jen Bunker (jen@bunkergroup.com), March 21, 2000