Information Security, DTI
The Information Security market was worth £865 million in the UK in 2002. The UK industry is widely recognised to be highly innovative and has led the way in the development of standards and good practices, notably with the BS7799 standard. However, it has generally failed to build successful mass-market suppliers in a market that is dominated by overseas companies, particularly from the US. In practice the market is fragmented on both the supplier and the user side. Many companies have no single point of responsibility for their information security, and purchasing is often split across several departments. One of the reasons for this is that security is often viewed as a bag of technologies by both buyer and seller, rather than a coherent framework built around robust policies and procedures.
The prime responsibility of the DTI's Information Security Policy Team is to help UK businesses address this issue, and manage their information security more effectively. We work with business to:
・identify the barriers to the adoption of new technologies
・raise awareness of the importance of effective information security management
・develop guidance on good practice in information security. This includes the development of 'ISO/IEC 17799/BS 7799: A Code of Practice for Information Security Management'
・develop solutions to emerging problems. This has included the new arrangements for Trusted Third Parties that provide cryptographic services
・promote the development of appropriate international standards and a regulatory framework that encourages the uptake of electronic commerce