Former MI5 chief warns on IT security

Former MI5 chief Dame Stella Rimington has warned IT chiefs against the futility of "tackling yesterday's security threats".

Speaking at analyst Gartner's IT Security Summit in London yesterday, Rimington said that national security and business security face similar challenges when it comes to assessing security threats.

But she warned that businesses risked being distracted by solving yesterday's problems and developing tools for non-existent threats instead of thinking about future events which may pose a real threat.

"At a commercial level there is the danger of going off at a tangent and developing protection against risks that don't exist or are unlikely, when more protection against simple security risks are ignored because they tend to cause delays and annoy day-to-day business," she said.

"It is essential to develop a culture of security and responsibility towards information which must be taken seriously at the highest level, or security will just be treated as paranoia."

Rimington highlighted one of the major problems facing national and business security: balancing access to information with protection of that information.

"There will never be an agreement on the boundaries. The need to provide appropriate openness and access will be argued over forever," she said.

"Information is the lifeblood of all security. On a national and business scale, people face a similar task - trying to identify the threat and manage the risk.

"At a national level it is identifying who the enemies are and where they come from. On a business level it is identifying which companies, pressure groups and individuals threaten you."

She said that threats in both the commercial and national spheres did not remain static. "At the height of the 60s we had one sole threat: the Soviet Union and its allies.

"Since 9/11 it is much more complicated and terrorism is less easy to understand and targets are less easy to predict. Information can never be 100 per cent precise," she said.

However, she added: "Assessing what information you have and working out its impact on you is the key challenge of security and intelligence work."