Security: What is Being Done?Security: What is Being Done?

Peter CoroneosChief ExecutiveInternet Industry Association (IIA)

AVAR ConferenceSydney November 7, 2003

Australia’s national internet industry organisation (est.1995)Australia’s national internet industry organisation (est.1995) Over 300 members include... Over 300 members include...

- telecommunications carriers - telecommunications carriers - web and software developers- web and software developers

- content creators and publishers - content creators and publishers - internet service providers- internet service providers

- educational & training firms - educational & training firms - local government agencies- local government agencies

- law firms - law firms - portal sites- portal sites

- internet research analysts- internet research analysts - hardware vendors - hardware vendors

- banks & insurance companies- banks & insurance companies - online advertisers - online advertisers

- systems integrators- systems integrators - internet security providers- internet security providers

- and businesses doing, or helping others to do e-commerce- and businesses doing, or helping others to do e-commerce

About the IIAAbout the IIA

As a voice for the industry, the IIA provides As a voice for the industry, the IIA provides policy input to government and advocacy on a policy input to government and advocacy on a range of business and regulatory issues, to range of business and regulatory issues, to promote laws and initiatives which enhance promote laws and initiatives which enhance access, equity, reliability and growth of the access, equity, reliability and growth of the medium within Australia.medium within Australia.

Our missionOur mission

Malicious CodeMalicious Code Hybridisation Crossing the device threshold

The sociopathology of malicious code writers- focus on prevention by addressing motivation

and deterence

Who bears the responsibility in a culture of security?

InitiativesInitiatives

IIA SME Security portal IIA Cybercrime Code IIA National Spam Initiative Spam Legislation Global Spam Campaign

Spam: the cause and its effect are Spam: the cause and its effect are economiceconomic

More than 50% of all email is now junk (8% in 2001)

US$8.9 billion cost to US corporations in 2002 cost to Australian business A$915 per employee

pa cost to spammers .000030 per email plus .00032

per address 70% is illegal under current laws US$3.2 billion pa revenues from porn spam

Spam: the extent of the problem Spam: the extent of the problem (2)(2)

Nigerian advance scam will gross US$2 bill. In 2003 28% of users reply to spam 8% have purchased from spam 4.5 seconds per spam wasted corporate time 16% change email addresses due to spam 1 in 145 spams carry viruses only 8% believe the media exaggerates spam

problem

The global solution has four The global solution has four elementselements

legislation industry action end user empowerment international cooperation

Australian legislation will pass this Australian legislation will pass this yearyear

opt in regime with few exceptions infringement notices issued by ACA; enforced

by FCA heavy penalties limited exemptions anti harvesting provisions strong information requirements

www.iia.net.au/nospam

Users are most concerned about...Users are most concerned about...

computer virusescomputer viruses spamspam privacy privacy security of transactionssecurity of transactions response timesresponse times cost of accesscost of access cost of upgrading cost of upgrading

hardwarehardware

%

2515111110

93

Source: ACNielsen.consult Australian Online User Study #10 (n = 34,643)

www.iia.net.au