"It's about people. Security has a technological dimension but the best technologies won't get you very far," he said. According to Needham, changing behaviour may take far longer than expected. "Consider paper-based commerce. Book-keeping practices took a considerable time to put in place. Security is a nuisance, it's far easier to do a job insecurely."
There was therefore a case for slowing down the rush to implement e-government as quickly as possible while the security implications are reviewed more thoroughly, he said.
The government's new security and trust programme revolves around the establishment of a Security and Authentication Unit in the Office of the e-Envoy to promote best practices to citizens, companies and government departments, and sponsoring research by technology experts.
Early initiatives include a jargon-free Question and Answer section on the e-Envoy site that < href="http://fastlink.headstar.com/qa" target="_blank">explains how to minimise security risks. A more complex set of guidelines based on OECD advice and aimed at businesses will be published soon.
The unit is also involved in upgrading Cabinet Office security standards and helping to steer security research conducted by the Communications-Electronics Security Group, the technology arm of the security services.
Quelle: Headstar