What is Network Security?

September 11, 2007

Our first task upon establishing the Network Security Innovation Platform (NSIP) was to define what was meant by Network Security. We visited a range of relevant stakeholders to canvas opinion, which also gave us the early opportunity of spreading the NSIP message. Meetings always caused a good deal of debate and brought forward differing views, but eventually we did manage to come up with a consensus definition we could all live with.Network Security is defined as being “concerned with the resilience of the network communications infrastructure and the security of the information being transmitted across the network. This must necessarily include people engaging in network activities and it is therefore relevant to include the usability of such systems including human factors, beliefs and interfaces such as identity management and authentication tools.”What it basically boils down to is both the physical kit that supports the network and the human at the end of the keyboard, mobile, access control system…..etc…that we are now encountering more and more in our ever-pervasive IT world. To cut a long story short, we established a steering group drawn from Government, industry and academia; we then spoke to lots of people who told us their angle, held several events (often with assistance from the Cyber Security KTN) and then stopped to take stock of where we were.The majority agreed that the following were hot topics;Ensuring Privacy and ConsentHuman Vulnerabilities/ FactorsRisk Management/Metrics for Security ThreatProvenanceSecure Software DevelopmentDeperimeterisationAndrew TyrerInnovation Platform Manager, Network Security

Advertisements

One Response to “What is Network Security?”

  1. Kevin Knappett Says:

    I would like to see a ‘code of practice’ developed or industry standard that provide the general public with traffic-lighted or graded security information on the protection of contact details incl. credit card via a specific website/email/telehone banking and telephone DTMF (Dual Tone Multi-Frequency) system.

    For example, where a website requires personal information, the individual should be able to click an information button that shows the level to which the information is transmitted securely and stored i.e. does the server installation conform to a european security standard and how long is the data held. A penetration ‘PEN’ test could be used to test the performance of such systems as part of the code-of-practice and check conformance.


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: